Agari utilizes a third party attachment scanning solution whose primary focus is on grading attachments for different types of malware and exploits. The solution looks at files and embedded files that match against the vendors' library of YARA rules. YARA rules are an industry-wide standard looking for similar characteristics of viruses in other files.
Currently, the following attachment file types are supported:
- Archive file formats (zip/rar/tar/{gz/gzip/tgz}/{bz2/bzip2/tbz2/tbz}/cab)
- Office files, PDF, MHTML, email files, image files, flat data files, RTF
- Flash, video formats, Javascript, VBA
URIs in the following attachment types are extracted and checked against our URI scanning system.
- Microsoft Office and Adobe Acrobat documents attached to messages.
If you feel that an attachment is incorrectly scored please open a support case with the attachment included and we will work with our vendor for further analysis.
Comments
0 comments
Please sign in to leave a comment.