Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Information on URL Scanning of Trend Micro Cloud App Security (CAS)

    • Updated:
    • 27 Aug 2021
    • Product/Version:
    • Platform:
Summary

This article explains how Cloud App Security (CAS) scans URLs within emails. It also defines why in some cases CAS is suspected to click URLs within emails.

Details
Public

Cloud App Security scans emails in the following order:

  1. CAS will scan the URLs in the mail body and the URLs in the attachment (if feature is enabled) using Web Reputation Service (WRS).
  2. CAS checks customer's policy settings and WRS result.
  3. URLs will be scanned by Dynamic URL Scanning (if feature is enabled).
     
    Dynamic URL Scanning, is a feature leveraged by CAS to detect phishing websites. Dynamic URL Scanning will try to crawl the URL's website, and is responsible in clicking the URLs for evaluation purposes. This is one reason why CAS is suspected to click URLs within emails.
     
  4. CAS will scan the email using Computer Vision Technology.
  5. If the URL is not rated/detected by WRS, Dynamic URL Scanning and Computer Vision Technology, CAS will send the URL with payload to Virtual Analyzer (if the feature is enabled).
 
For Steps 3, 4, and 5, the URL is "clicked" after each feature scans the email.
 

To prevent CAS from "clicking" the URLs, refer to the "How to prevent CAS from "clicking" the URL in Phishing Awareness Campaign mails?" section of Frequently Asked Questions (FAQs) and How-Tos about the Features of Cloud App Security (CAS).

Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
000288380
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.