File Type Analysis
Table of Contents
4.2 (EoS)
Expand all | Collapse all
-
- Set Up the Endpoint Infrastructure
- Activate Traps Licenses
-
- Endpoint Infrastructure Installation Considerations
- TLS/SSL Encryption for Traps Components
- Configure the MS-SQL Server Database
- Install the Endpoint Security Manager Server Software
- Install the Endpoint Security Manager Console Software
- Manage Proxy Communication with the Endpoint Security Manager
- Load Balance Traffic to ESM Servers
-
- Malware Protection Policy Best Practices
- Malware Protection Flow
- Manage Trusted Signers
-
- Remove an Endpoint from the Health Page
- Install an End-of-Life Traps Agent Version
-
-
- Traps Troubleshooting Resources
- Traps and Endpoint Security Manager Processes
- ESM Tech Support File
-
- Access Cytool
- View the Status of the Agent Using Cytool
- View Processes Currently Protected by Traps Using Cytool
- Manage Logging of Traps Components Using Cytool
- Restore a Quarantined File Using Cytool
- View Statistics for a Protected Process Using Cytool
- View Details About the Traps Local Analysis Module Using Cy...
- View Hash Details About a File Using Cytool
File Type Analysis
Traps analyzes files based on the type of file, regardless
of the file’s extension. For deep inspection and analysis, you can
also configure your ESM to forward samples to WildFire. A sample can
be:
- Any Portable Executable (PE) file including (but not limited to):
- Executable files
- Object code
- FON (Fonts)
- Microsoft Windows screensaver (.scr) files
- Microsoft Office files containing macros opened in Microsoft Word (winword.exe) and Microsoft Excel (excel.exe):
- Microsoft Office 2003 to Office 2007—.doc and .xls
- Microsoft Office 2010 and later releases—.docm, .docx, .xlsm, and .xlsx
- Dynamic-link library file including (but not limited to):
- .dll files
- .ocx files
- Mach-o files
For details on enabling the ESM to forward samples to WildFire,
see Set
Up the ESM to Communicate with WildFire.