Submit a threat scan request from the Security Incident Catalog

If the Security Incident Response plugin is activated, you can submit malware scans for files, hash values, URLs, and IP addresses from the security incident catalog. The requests are submitted and you can view the results in the My Requests module.

Before you begin

Role required: none

Procedure

  1. Navigate to Self-Service > Security Incident Catalog.
  2. Click Malware scan.
  3. Click Check files, hash values, URLs or IP addresses.
  4. Enter one or more of the following to be scanned.
    Table 1. Threat Scanners
    Item to be scanned Description
    Files Click the paperclip icon, then locate and attach the files you want scanned.
    Note: By default, the File scan type is inactive. If you want to scan a file, select Hash > Attachment to scan > Submit or click the paper clip icon in the form header and attach one or more files. If you wish to scan a file instead, see Change File scan type behavior.
    URLs In the URLs to scan field, enter the URLs you want to scan, separated by commas; for example: www.abc.com,www.xyz.net.
    IP addresses In the IP addresses to scan field, enter the IP addresses you want to scan, separated by commas.
    Hash values In the Hash values to scan field, enter the hash values you want to scan, separated by commas.
  5. When you have made your selections, click Submit.
  6. To view the status and/or results of the scans, navigate to Self-Service > My Requests.
  7. Click the SR number for the request.
    The work notes under Activity lists the tasks performed during the scan, including the creation of individual scans for each file, hash value, URL, or IP address, and the scan results.