If an anti-virus program is running on the Discover target (repository), and it detects a virus within a confidential file that violates a detection policy, the AV solution may quarantine the file before Vontu sends the file through to detection. In this case, does Vontu create an incident?
Once file contents are opened and inspected, it is unlikely that the "cracked virus" would trigger AV detection. If an AV product is running on the target server, the file will most likely be blocked and recorded as an "unprocessable item".
Imported Document ID: TECH221350
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe