[MDS] Threat Visibility via Classification
1. Summary
This is a guide to the risk classification of malicious files detected on MDS in versions 2.1.10 and later.
2. Contents
MDS classifies threats into 3 categories of 'Malicious', 'Monitor' and 'Normal'. 'Malicious' is classified again into 3 levels according to the severity. It contributes to effective threat response by providing a total of 10 levels of classification including safe files.
Status | Severity | Description | |
Malicious | High | Known malware | Unknown malware |
Medium | |||
Low | |||
Monitor | Grey 2 | Currently no threats are detected, but pay attention to potentially existing threats |
|
Grey 1 | Events that are unlikely to be malicious, but need to be verified through analysis |
||
Normal | Likely Normal | Files that are classified as normal through scan | |
Normal | Normal file |