Overview
- This article explains how to check the details of threats detected by Cloud Protection and how to report false positives.
Notes
- The content of this article is based on the product specifications as of July 2026 and may be changed without notice thereafter.
- Due to updates or specification changes, some displays and other elements may differ.
Procedure
-
Log in to the Admin Portal and select [COLLABORTION PROTECTION] - [Detections] from the sidebar.
-
You can check the list of detected security events.
-
By clicking the ID of each event, you can check the event details (such as the action taken, including quarantine, and the detected threat files or URLs). You can also release a falsely detected file by changing [Action Taken].
※ If you change the action taken status of a falsely detected file to "Release" and then change the quarantine ID status to "Closed: False Positive," files similar to the file determined to be a false positive will no longer be detected.The severity of detected events is classified as follows.
※ Severity is determined by the policy action, not by the risk level of the relevant file or URL itself.- Low: The item is from a trusted source, so no action is required.
- Medium: The item has been automatically quarantined or deleted by policy, so no action is required.
- High: Displayed when the action policy for a malicious item is set to "Do nothing" or "Modify subject and unlink URL." Please consider configuring quarantine settings for the item.
Translation Disclaimer
This article has been automatically translated from the original Japanese version for your convenience.
While we strive to ensure accuracy, we cannot guarantee its reliability or completeness.
In the event of any discrepancies or questions regarding the content, the official Japanese version shall prevail.