Trend Micro Predictive Machine Learning uses advanced machine learning technology to correlate threat information and perform in-depth file analysis to detect emerging unknown security risks through digital DNA fingerprinting, API mapping, and other file features. Predictive Machine Learning also performs a behavioral analysis on unknown or low-prevalence processes to determine if an emerging or unknown threat is attempting to infect your network.
Predictive Machine Learning is a powerful tool that helps protect your environment from unidentified threats and zero-day attacks.
Predictive Machine Learning requires that you enable the following services:
- Unauthorized Change Prevention
- Advanced Protection Service
For more information, see Enabling or Disabling the Agent Services from the Web Console.
To configure Predictive Machine Learning Settings:
- Go to Agents > Agent Management.
- In the agent tree, click the root domain icon to include all agents or select specific domains or agents.
- Click Settings > Predictive Machine Learning Settings.
The Predictive Machine Learning Settings screen will appear.
- Select "Enable Predictive Machine Learning".
- Under Detection Settings, select the type of detections and related action that Predictive Machine Learning takes.
Detection Type Actions File
- Quarantine: Select to automatically quarantine files that exhibit malware-related features based on the Predictive Machine Learning analysis
- Log only: Select to scan unknown files and log the Predictive Machine Learning analysis for further in-house investigation of the threat
- Terminate: Select to automatically terminate processes or scripts that exhibit malware-related behaviors based on the Predictive Machine Learning analysis Predictive Machine Learning attempts to clean the files that executed the malicious processes or scripts. If the clean action is unsuccessful, Predictive Machine Learning quarantines the affected files.
- Log only: Select to scan unknown processes or scripts and log the Predictive Machine Learning analysis for further in-house investigation of the threat
- Under Exceptions, configure the global Predictive Machine Learning file exceptions to prevent all agents from detecting a file as malicious:
- Click Add File Hash.
The Add File to Exception List screen will appear.
- Specify the file SHA-1 hash value to exclude from scanning.
- Optionally provide a note regarding the reason for the exception or to describe the file name(s) associated with the hash value.
- Click Add.
Predictive Machine Learning will add the file hash to the Exceptions list.
- Click Add File Hash.
- If you selected domain(s) or agent(s) in the agent tree, click Save.
If you clicked the root domain icon, choose from the following options:
- Apply to All Agents: Applies settings to all existing agents and to any new agent added to an existing/future domain. Future domains are domains not yet created at the time you configured the settings.
- Apply to Future Domains Only: Applies settings only to agents added to future domains. This option will not apply settings to new agents added to an existing domain.