Advanced Threat Report

The Advanced Threat Report details all emails submitted to Sophos Labs Intelix for advanced threat analysis.

Go to Overview > Logs & Reports > Reports > Advanced Threat Report.

You can view messages from the past 365 days or less. Messages from the last 30 days are shown by default.

The report shows clean, likely clean, suspicious, and malicious emails in graph form and in a list. They are categorized by the level of threat and you can filter the graph by Scan result. You can export the list in CSV or PDF format. Any emails that encounter errors are quarantined.

You can click the subject of any email to see Message Details. This shows you more information about the contents of that email and the results of the analysis. Message Details has the following sections:

  • Summary: Details of the email and whether it was delivered.
  • Threat prevalence: How many times this malware has been received at your organization and other organizations.
  • Static analysis: Details of machine learning analysis.
  • Dynamic analysis: Results from tests run in a sandboxed environment.

If analysis is still in progress, you can't click the subject.

Use this information to determine the severity of the threat in an email.