09-03-2020 11:22 AM
Hi Team,
Is it possible to download a file that has already been quarantined?
The file is malicious and I don't want to restore it on the user host before to download it.
Thanks
Solved! Go to Solution.
09-03-2020 12:32 PM
Greetings Podman,
Yes, this is possible. You can perform a File Fetch which will place the file into the File Repository under Analysis. You will need to make sure you have two factor authentication (2FA) enabled for this to work. Once enabled all you need to do is find the file you wish to request either via the Events under Analysis or by searching the SHA and from the context menu (the drop-down arrow next to the SHA) you can perform the fetch. If it is a Threat Detected and Quarantine event you should also be able to find it via the Dashboard under Significant Compromise Artifacts.
All files downloaded from the File Repo will be zipped and password protected.
09-03-2020 12:32 PM
Greetings Podman,
Yes, this is possible. You can perform a File Fetch which will place the file into the File Repository under Analysis. You will need to make sure you have two factor authentication (2FA) enabled for this to work. Once enabled all you need to do is find the file you wish to request either via the Events under Analysis or by searching the SHA and from the context menu (the drop-down arrow next to the SHA) you can perform the fetch. If it is a Threat Detected and Quarantine event you should also be able to find it via the Dashboard under Significant Compromise Artifacts.
All files downloaded from the File Repo will be zipped and password protected.
09-03-2020 01:26 PM
Thanks Dmitri
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide