Target
- Administrators who perform the initial setup and operational management of HENNGE Cloud Protection are the target audience of this article.
Purpose
- This article explains how to conduct retesting by sending specimens to WithSecure, a company collaborating with HENNGE Cloud Protection's automation system.
- If the following detections occur in HENNGE Cloud Protection, sending specimen files to the manufacturer (WithSecure) can improve detection accuracy and confirm file security:
1. False positives: Identifying harmless items as harmful
2. False negatives: Identifying harmful items as harmless
Notes
- The content of this article is based on the product as of November 2024 and is subject to change without notice.
- HENNGE Cloud Protection administrator privileges are required for actual screen verification and configuration changes.
- Since this process is fully automated, there will be no email response from the manufacturer.
- Risk assessment may vary, and files/URLs may not be added to the virus database. Please note that analysis result information will not be provided in such cases.
- For the HENNGE Cloud Protection Administration screen URL and login information, please refer to the login information sent to you during implementation.
Procedure
1. Customers using services that automatically encrypt attachments (including HENNGE Email DLP) can follow the instructions in step 4 to send them.
For customers using HENNGE Email DLP, please review the following:
【Settings in HENNGE Email DLP】 +
2. Set the password for the sample file as "infected" (excluding the quotes) and create a ZIP encrypted file.
※ Files that have been compressed multiple times in ZIP format are not supported.
3. Attach the sample file to the email address below and send the email.
vsamples@file-samples.withsecure.com
4. Perform an automatic re-examination at WithSecure.
※ The investigation will be completed in about 30 minutes.
If the safety is confirmed, the file will be detected as safe thereafter.
If there is a perceived risk, the file will be detected as dangerous thereafter.
Reference
You can refer to the evaluation status by each AntiVirus product on VirusTotal.
※ Paid users of VirusTotal can download uploaded files. To prevent information leakage, it is recommended to search using the hash value of the target file when using it.
VirusTotal (External Link)