SEP 12.1 Insight not working?
Yesterday we found a variant of the Zeus malware that was not being detected by SAV10 or SEP11 clients. The file was an .exe and we copied it over to a SEP 12.1 system which has Insight turned up the the highest levels/settings. The file scan came back clean according the the SEP 12.1 client. After submitting this file to Symantec it was determined to be malicous and was added to a future defintion release.
My questions is why didn't Insight pickup on this file as suspicous? Is there a way to see what the reputation scan determined? What about a Symantec Insight website where you can upload suspicous files to be scanned by the Insight technology and provide output? I would have liked to seen the reputation for this file.