Custom Defense

HTTP > Advanced Threat Protection > Custom Defense

With an optional license key you can integrate IWSVA with the DDA sandbox to defend against offline custom-defense APT attacks from malicious programs through HTTP/HTTPs traffic.

ATSE engines can be used to scan for viruses and suspicious files. These engines are more aggressive than VSAPI engines. They can apply Heuristic Detection rules and vulnerability rules to identify APT detection.

Enable Custom Defense

Click this check box to enable or disable IWSVA integration with the DDA server. If the DDA server is not recognized, IWSVA cannot save the settings.

Settings for Virtual Analyzer C&C List

Enter the IP address, port, and API key of the Virtual Analyzer server.

Click Test Connection to confirm proper integration.

Actions

Select based on the file types you would like to sample submission. Select to block or monitor synchronized, blacklisted content by clicking "Enable generated Malicious entity feedback."

/*<![CDATA[*/ $('#title').html($('meta[name=map-description]').attr('content')); /*]]>*/

Custom Defense

Enable Custom Defense

Settings for Virtual Analyzer C&C List

Actions