Skip Navigation

Evaluate the risk level of a file

You can use the management console to evaluate the risk level of a file, as analyzed and determined by the CylancePROTECT cloud services. This feature gives you insight into how the
CylancePROTECT Desktop
agent would classify a file that it identifies on a device. Currently,
Windows
,
macOS
, and
Linux
executables are supported.
You must have the Administrator role to access this feature in the console.
  1. In the management console, on the menu bar, click
    Protection > Threat Analysis
    .
  2. Do one of the following:
    Action
    Steps
    Look up a file by hash.
    In the
    Hashes
    field, type or paste SHA256 hashes, separating each hash on a new line. You can add up to 32 hashes.
    Upload a file.
    The maximum size of a file that you can upload is 10 MB.
    1. On the
      Upload File
      tab, click
      Browse Files
      .
    2. Navigate to and select the file that you want to analyze. Click
      Open
      .
  3. Click
    Analyze
    .
  4. Review the file status to determine whether a threat was found or if the file is considered safe.
    If you receive a
    File Required
    status after you lookup a file by the SHA256 hash, upload the file on the
    Upload File
    tab.
If necessary, add a file to the global quarantine list or to the global safe list. For instructions, see Add a file to the CylancePROTECT Desktop global quarantine or global safe list.