Using Certified Definitions to Detect and Remediate a New Threat
Last Updated June 30, 2016
To detect and remediate a new threat, Symantec Security Response has sent an email recommending the use of a specific Rapid Release definition sequence number (or later). However, corporate policy dictates the use of the more thoroughly tested Certified Definitions. Which set of Certified Definitions will detect the new threat?
If a sample submitted to Security Response is classified as a new detection, the standard email sent from Security Response will contain a Rapid Release definition sequence number that will detect and remediate the new threat.
Any future sequence number associated with the latest Certified Definitions will detect this threat, except in very rare circumstances when a detection is removed due to Quality Assurance issues.
Please note that Certified Definition sets are currently released for Symantec Endpoint Protection (SEP) several times per day. The next set to contain the necessary protection may be a Multiple Daily Definition set, available via LiveUpdate.
An illustration of how to check or confirm sequence numbers is provided in the Connect article "Sequence Makes Sense".