Video Screencast Help

SSIM SEP Collector Data Status ID - Need Explanation

Created: 14 Nov 2012

When drilling down into events that are part of a SSIM incident you discover that SEP has detected a number of malware threats.

The Data Status ID of the threats is listed as :

1) Delayed

2) Partially Corrected

3) Uncorrected

4) Suspicious

5) Unknown

What exactly do these items mean?

* "Uncorrected" is explained as "a threat that has not been remediated, no action taken against it because as a running process it could not be terminated or deleted. The system will need to be rebooted" at the kb article TECH162077-