virus lookup table
It doesn’t seem that SEPM has an easy way to show virus severity. It just listed the risk name. If we have a number of different viruses in our environment, it is difficult to determine criticality and prioritize the remediation without a lot of manual research.
You have the information on your site, so it appears this data exists. For example, if I want to look up Trojan.Zbot, I can use your “Search Threats” search engine, but that returns too many pages. I just want the specific details about that particular virus, specifically its risk and damage rating found on this page.
I found this database, but it doesn’t seem to really correspond with the results from SEP nor do I see an API or a way to query the data from Symantec.
It would be helpful if this data was part of the LiveUpdate download. Ultimately what I'd like is a way to determine the severity of found viruses in our environment that can be imported/piped into a lookup table that can be digested by our internal Splunk system.