Malware lookup - More analysis for management

bjames
Level 5

We (like anyone) get a ton of malware via SMTP. It gets blocked but I have no way to report to management what the malware was, what the business risk is, etc.

Cisco support said to turn on capture so it can get the file on FireSIGHT, but still there is no way I can see to give me a full "This was a Locky variant that has a CVE of xxx.x, you can read more on this here".

Surely there is a place to go in Talos or via the actual SHA value to see what the malware was, no?

Thanks

Bob James
