Deep Discovery Analyzer 6.8 Data Collection Notice

Product / Version includes:

Deep Discovery AnalyzerAll

Last updated: 2024/05/22

Solution ID: KA-0010045

Category: Configure

Summary

Deep Discovery Analyzer includes the following modules which may cause the corresponding data to be transmitted to Trend Micro. Detailed information and instruction are provided below for opt-out of the data collection by disabling specific modules. Certain data collection may be mandatory and cannot be disabled.

Threat Connect
Sandbox for macOS
Smart Feedback
ICAP Server
Smart Protection
Virtual Analyzer

To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.

Threat Connect

Threat Connect allows administrators to view related threat information from the global intelligence database.

Data is only sent out when administrators click View in Threat Connect in detailed log view.

Data collected	IP address URL Detection name (from Product)
Console location	Virtual Analyzer > Submissions > Completed
Console settings	View in Threat Connect (in detailed log view) ^{Click the image to enlarge.} ^{Click the image to enlarge.}

Sandbox for macOS

The Trend Micro Sandbox for macOS is a cloud-based service that analyzes possible MacOS threats.

Administrators can enable or disable Trend Micro Sandbox for macOS using the management console. However, disabling Trend Micro Sandbox for macOS severely impacts Deep Discovery Analyzer’s ability to detect advanced malware affecting the macOS platform.

Data collected	File name File content
Console location	Virtual Analyzer > Sandbox Management > Sandbox for macOS
Console settings	Send possible threats for macOS to Sandbox as a Service for analysis. ^{Click the image to enlarge.}

Smart Feedback

Smart Feedback enables you to participate, share and leverage Trend Micro’s global database of threat related intelligence to rapidly identify and defend against potential threats within your unique network environment.

Disabling Smart Feedback prevents the transmission of data to Trend Micro.

Data collected	File name File path IP address URL Suspicious executables and partial file content
Console location	Virtual Analyzer > Sandbox Management > Smart Feedback
Console settings	Enable Smart Feedback (recommended) Submit suspicious files to Trend Micro ^{Click the image to enlarge.}

ICAP Server

To determine the threat name, risk rating, and category of URLs extracted from ICAP requests, Deep Discovery Analyzer sends the URL information to Web Inspection Service (WIS) and Web Reputation Service (WRS).

To determine potential threats in files, Deep Discovery Analyzer sends executable files to the Community File Reputation service that scans the files and sends executable and script files to Predictive Machine Learning for further analysis. Administrators can enable or disable ICAP scanning using the management console. If ICAP scanning is disabled, Deep Discovery Analyzer is unable to parse requests sent by the ICAP protocol.

Data collected	URL File name File path File content
Console location	Administration > Integrated Products/Services > ICAP
Console settings	Enable ICAP Enable ICAP over SSL ^{Click the image to enlarge.}

Smart Protection

Trend Micro Smart Protection technology is a next-generation, in-the-cloud protection solution providing File and Web Reputation Services.

Disabling Smart Protection prevents the transmission of data to Trend Micro, but will greatly impact Deep Discovery Analyzer’s ability to detect C&C and malicious activities.

Data collected	IP address URL Domain File name File path File content
Console location	Administration > Integrated Products/Services > Smart Protection
Console settings	^{Click the image to enlarge.}

Virtual Analyzer

Virtual Analyzer is a secure virtual environment that manages and analyzes objects submitted by integrated products, administrators, and investigators.

Disabling Virtual Analyzer prevents the transmission of data to Trend Micro, but will severely impact Deep Discovery Analyzer’s ability to detect advanced malware.

Data collected	IP address URL Host name File name File path
Console location	Virtual Analyzer > Sandbox Management > Images
Console settings	^{Click the image to enlarge.}

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Deep Discovery Analyzer 6.8 Data Collection Notice

Threat Connect

Sandbox for macOS

Smart Feedback

ICAP Server

Smart Protection

Virtual Analyzer

Deep Discovery Analyzer 6.8 Data Collection Notice

Product / Version includes:

Summary

Threat Connect

Sandbox for macOS

Smart Feedback

ICAP Server

Smart Protection

Virtual Analyzer