Views:

Threat Connect

Threat Connect allows administrators to view related threat information from the global intelligence database.

Data is only sent out when administrators click View Threat Connect in Log detail view.

Data collected	IP address URL SHA1 Hostname
Console location	Virtual Analyzer > Submissions
Console settings	Global Intelligence: View in Threat Connect

Cloud Sandbox

The Trend Micro Cloud Sandbox is a cloud-based service that analyzes possible MacOS threats.

Administrators can enable or disable Trend Micro Cloud Sandbox using the management console. However, disabling Trend Micro Cloud Sandbox severely impacts Deep Discovery Analyzer’s ability to detect advanced malware affecting the MacOS platform.

Data collected	Product information GUID File information File SHA-1 File name File MD5 File size File content Other information DDAaaS API key DDAaaS UUID
Console location	Virtual Analyzer > Sandbox Management > Cloud Sandbox
Console settings	Send possible MacOS threats to the Trend Micro cloud sandboxes for analysis

Smart Feedback

Smart Feedback enables you to participate, share and leverage Trend Micro’s global database of threat related intelligence to rapidly identify and defend against potential threats within your unique network environment.

Disabling Smart Feedback prevents the transmission of data to Trend Micro.

Data collected	Product information GUID Product ID Language Platform Product version File information File type SHA-1 File size Parent SHA-1 Engine information (ATSE engine version, pattern version, U-sandbox version, Sandcastle version) Detected information Risk rating Detection name CAV rule id File name File path Violated policy ID Detail Blacklist Type IP Port URL Sha1 Domain TrendX confidence TrendX detection status TrendX pattern version TrendX engine version TrendX feature version Source URL Analysis time Census maturity Census prevalence
Console location	Virtual Analyzer > Sandbox Management > Smart Feedback
Console settings	Enable Smart Feedback Submit suspicious files to Trend Micro

ICAP Server

To determine the threat name, risk rating, and category of URLs extracted from ICAP requests, Deep Discovery Analyzer sends the URL information to Web Inspection Service (WIS) and Web Reputation Service (WRS).

Administrators can enable or disable ICAP scanning using the management console. If ICAP scanning is disabled, Deep Discovery Analyzer is unable to parse requests sent by the ICAP protocol.

Data collected	URL
Console location	Administration > Integrated Products/Services > ICAP
Console settings	Enable ICAP > [ICAP port number] Enable ICAP over SSL

Smart Protection

Trend Micro Smart Protection technology is a next-generation, in-the-cloud protection solution providing File and Web Reputation Services.

Disabling Smart Protection prevents the transmission of data to Trend Micro, but will greatly impact Deep Discovery Analyzer’s ability to detect C&C and malicious activities.

Data collected	File Name Hash (md5/sha1/sha256)
Console location	Administration > Integrated Products/Services > Smart Protection
Console settings	Status: Enabled

Virtual Analyzer

Virtual Analyzer is a secure virtual environment that manages and analyzes objects submitted by integrated products, administrators, and investigators.

Disabling Virtual Analyzer prevents the transmission of data to Trend Micro, but will severely impact Deep Discovery Analyzer’s ability to detect advanced malware.

Data collected	File Name Hash (md5/sha1/sha256) Embedded macro File type Content Registry Network traffic IP/Port URL Process list Installed software info OS Version Language Domain Account Runtime Behavior API call Crash info
Console location	Virtual Analyzer > Sandox Management > Images
Console settings	Delete

Keywords: data collection notice deep discovery analyzer,dcn deep discovery analyzer,data collection notice DDAN 6.1,collected data by deep discovery analyzer,turn off data collection ,disable data gathering,DDAN 6.1 dcn,gdpr deep discovery analyzer,gdpr DDAN

Deep Discovery Analyzer 6.1 Data Collection Notice

Product / Version includes:

Deep Discovery Analyzer6.1

Last updated: 2021/08/28

Solution ID: KA-0008446

Category: Configure

Summary

The following sections outline the features that collect data, the data transmitted, and the locations on the product console where you can disable the features.

Threat Connect
Cloud Sandbox
Smart Feedback
ICAP Server
Smart Protection
Virtual Analyzer

To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.

Threat Connect

Threat Connect allows administrators to view related threat information from the global intelligence database.

Data is only sent out when administrators click View Threat Connect in Log detail view.

Data collected	IP address URL SHA1 Hostname
Console location	Virtual Analyzer > Submissions
Console settings	Global Intelligence: View in Threat Connect

Cloud Sandbox

The Trend Micro Cloud Sandbox is a cloud-based service that analyzes possible MacOS threats.

Data collected	Product information GUID File information File SHA-1 File name File MD5 File size File content Other information DDAaaS API key DDAaaS UUID
Console location	Virtual Analyzer > Sandbox Management > Cloud Sandbox
Console settings	Send possible MacOS threats to the Trend Micro cloud sandboxes for analysis

Smart Feedback

Disabling Smart Feedback prevents the transmission of data to Trend Micro.

Data collected	Product information GUID Product ID Language Platform Product version File information File type SHA-1 File size Parent SHA-1 Engine information (ATSE engine version, pattern version, U-sandbox version, Sandcastle version) Detected information Risk rating Detection name CAV rule id File name File path Violated policy ID Detail Blacklist Type IP Port URL Sha1 Domain TrendX confidence TrendX detection status TrendX pattern version TrendX engine version TrendX feature version Source URL Analysis time Census maturity Census prevalence
Console location	Virtual Analyzer > Sandbox Management > Smart Feedback
Console settings	Enable Smart Feedback Submit suspicious files to Trend Micro

ICAP Server

Administrators can enable or disable ICAP scanning using the management console. If ICAP scanning is disabled, Deep Discovery Analyzer is unable to parse requests sent by the ICAP protocol.

Data collected	URL
Console location	Administration > Integrated Products/Services > ICAP
Console settings	Enable ICAP > [ICAP port number] Enable ICAP over SSL

Smart Protection

Trend Micro Smart Protection technology is a next-generation, in-the-cloud protection solution providing File and Web Reputation Services.

Disabling Smart Protection prevents the transmission of data to Trend Micro, but will greatly impact Deep Discovery Analyzer’s ability to detect C&C and malicious activities.

Data collected	File Name Hash (md5/sha1/sha256)
Console location	Administration > Integrated Products/Services > Smart Protection
Console settings	Status: Enabled

Virtual Analyzer

Virtual Analyzer is a secure virtual environment that manages and analyzes objects submitted by integrated products, administrators, and investigators.

Disabling Virtual Analyzer prevents the transmission of data to Trend Micro, but will severely impact Deep Discovery Analyzer’s ability to detect advanced malware.

Data collected	File Name Hash (md5/sha1/sha256) Embedded macro File type Content Registry Network traffic IP/Port URL Process list Installed software info OS Version Language Domain Account Runtime Behavior API call Crash info
Console location	Virtual Analyzer > Sandox Management > Images
Console settings	Delete

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Deep Discovery Analyzer 6.1 Data Collection Notice

Threat Connect

Cloud Sandbox

Smart Feedback

ICAP Server

Smart Protection

Virtual Analyzer

Deep Discovery Analyzer 6.1 Data Collection Notice

Product / Version includes:

Summary

Threat Connect

Cloud Sandbox

Smart Feedback

ICAP Server

Smart Protection

Virtual Analyzer