Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Create a Malware Policy

Malware Policies allow you to remediate malware threats separately from policy violations. 

To create a Malware Policy:

  1. Go to Policy > Malware Policies.
  2. Click Actions > Create a Malware Policy.

    Malware Policy Create.png
     
  3. In the Create a Malware Policy page, enter a name for the new Policy, and add an optional Description.
  4. For Services, click and select the service instance you want to scan.  
    malware_services_5.5.2.png
  5. For Users, allow the default All Users, or click Edit and choose an option. Click Save.

    Malware Policy 2 half.png
     
  6. For User Groups, allow the default All User Groups, or click Edit and choose a subset of User Groups. Click Done.
    malware_user_groups_5.5.2.png
  7. Click Next.
  8. On the next page, under Rules, choose an option for If and. Next, you can choose to add an And field to the rule.
    malware_severity_5.5.2.png
  9. Malware Confidence levels are Very High, High, Medium, Low, and Very Low. They match that level and any level higher than that. For example:
    • A file with a Malware Confidence of High would match a rule that is HighMediumLow, or Very Low
    • A file with a Malware Confidence of Low would match a rule that is Low or Very Low
    • It is best practice to create the policy with rules in descending order of Malware Confidence. 
  10. Select an Assign Severity option for Then: Critical, Major, Minor, Warning, or Info. Click Next.
  11. Add an optional Exception. Choose an option for Except, then click Next.
    malware_response_5.5.2.png
  12. In the Responses page, choose an option for If, and add select an option for Then. Click And to specify additional response actions. Click Next.
  13. Review the policy. Then click Save to activate the policy. 
    malware_review_5.5.2.png
  • Was this article helpful?