Machine learning protection

Detection engine guards against malicious system attacks by scanning files, emails and network communication. If an object classified as malware is detected, remediation will start. Detection engine can eliminate it by first blocking it and then taking action such as cleaning, deleting or moving to quarantine.

Real-time & Machine learning protection

Advanced machine learning is now a part of the detection engine as an advanced layer of protection, which improves detection based on machine learning. Read more about this type of protection in the glossary exlink. You can configure Reporting and Protection levels of the following categories:


A computer virus is a piece of malicious code that is prepended or appended to existing files on your computer. However, the term “virus” is often misused. "Malware” (malicious software) is a more accurate term. Malware detection is performed by the detection engine module combined with the machine learning component. Read more about these types of applications in the glossary exlink.

Potentially unwanted applications (PUAs)

A Potentially unwanted application is a software with an intent not unequivocally malicious, however; it may install additional unwanted software, change the behavior of the digital device, perform activities not approved or expected by the user or has unclear objectives.
This category includes advertising display software, download wrappers, various browser toolbars, software with misleading behavior, bundleware, trackware, etc.
Read more about these types of applications in the glossary exlink.

Potentially suspicious applications

Is a software compressed with packers exlink or protectors frequently used to deter reverse engineering or to obfuscate the content of the executable (for example, to hide the presence of malware) by proprietary methods of compression and/or encryption.
This category includes: all unknown applications that are compressed with a packer or protector frequently used to compress malware.

Potentially unsafe applications

This classification is given for commercial, legitimate software that might be misused for malicious purposes. An unsafe application refers to legitimate commercial software that has the potential to be misused for malicious purposes.
This category includes: cracking tools, license key generators, hacking tools, remote access or control tools, password-cracking applications and keyloggers (programs that record each keystroke typed by a user). This option is disabled by default.
Read more about these types of applications in the glossary exlink.

Read the following before modifying a threshold (or level) for category Reporting or Protection:

expand Reporting

expand Mail Transport & Machine learning protection

expand Mailbox Database Protection & Machine learning protection

expand On-demand mailbox database scan & Machine learning protection