How does Deep Security handle suspicious processes?

Deep Security's approach to handling suspicious processes involves performing additional checks with Trend Micro's Smart Protection Network (SPN). This method leverages the power of a cloud-based security intelligence network that aggregates threat intelligence from a wide variety of sources, allowing for real-time analysis of suspicious behavior.

When a process is identified as suspicious, the platform doesn't automatically terminate it or ignore it; rather, it cross-references the threat with the vast database provided by SPN. This ensures that the response to potential threats is informed by the latest threat intelligence, improving the accuracy of detection and reducing the risk of false positives.

By utilizing additional checks, Deep Security can make more informed decisions regarding the nature of the process in question, either confirming it as a threat or potentially mitigating concern without jumping to conclusions. This proactive and informed approach enhances the overall security posture of the protected environment.