Additional details around the technologies used to trigger WS.Reputation.x detections
Article ID: 409072
Updated On:
Products
Endpoint Security Complete
Endpoint Protection
Endpoint Security
Issue/Introduction
Additional details around the technologies used to trigger WS.Reputation.1, WS.Reputation.3, WS.Reputation.5, and WS.Reputation.6 type detections?
Resolution
| Virus name | Details |
| WS.Reputation.1 | Reputation conviction associated with Auto Protect Download Insight feature, triggering on new PE files meeting a specific reputation score criteria. |
| WS.Reputation.3 | Reputation conviction associated with High Intensity Detections (HID), a product configurable option (Malware Protection specific policy) which can be scaled to address the aggressiveness of detections. (NOTE: Only present in Hybrid, SES Cloud, or SEP 16 deployments) |
| WS.Reputation.5 | Reputation conviction associated with File Reputation Service (FRS) detections returned from Threat Intelligence Service (TIS). |
| WS.Reputation.6 | Reputation conviction associated with a recurring background scan responsible for establishing reputation scores in advance for trusted files. Files are scored based on various file traits and levels of trust. This background activity offers protection and enhances scan performance, with its results contributing to the "Files Trusted" count in the Scan completion event. (Present in On Prem SEP client version 14.3 RU8 and later, but is no longer available in SEP 16 ESA agent) |
*If you believe a file is clean and the detection is a False Positive, submit the file to SymSubmit.
Feedback
Yes
No
Powered by
