3. Analyzed

📖 Overview

The Analyzed section provides a full forensic archive of all previously scanned objects — including files, URLs, emails, and domains. Each entry is tagged with a verdict (e.g., MALICIOUS, SUSPICIOUS, CLEAN), along with timestamped analysis results.

This module functions as a centralized threat intelligence archive, enabling security analysts to review, trace, and act on past security incidents.


🔬 3.1 Files

Displays every scanned file (usually attachments) from your email traffic.

| Field | Description |
|---|---|
| File Name | Unique name or hash of the file |
| Analysis Time | When the file was scanned |
| Verdict | Result (e.g., MALICIOUS, CLEAN, MAX FILE SIZE) |
| Actions | Email link, contextual detail button |

Use Cases:

  • Investigate file-based malware campaigns

  • Track file re-use across emails

  • Identify common malicious payloads (.zip, .rar, .tar, etc.)

🛡️ Files marked as MALICIOUS are automatically quarantined.


🔗 3.2 URL

Lists all scanned URLs from email content or headers.

| Field | Description |
|---|---|
| URL Address | Full link found in email or file |
| Analysis Time | Date/time it was scanned |
| Verdict | MALICIOUS / SUSPICIOUS / CLEAN |
| Actions | View in context or add to blacklist |

Use Cases:

  • Detect phishing and credential-harvesting links

  • Investigate shortened URLs or obfuscated redirectors

  • Flag suspicious tracking or C2 infrastructure

🔍 All URLs are evaluated through real-time link sandboxing and threat intel feeds.


📧 3.3 Mail

Full log of email-based security events.

| Field | Description |
|---|---|
| Mail ID | Unique ID for the email object |
| Sender | Origin email address |
| Recipient | User inbox address |
| Verdict | SPAM / PHISHING / BLOCKED WORDS / MAX SIZE / SUSPICIOUS |
| Actions | View full email forensic analysis |

Tabs Inside:

  • Attachments

  • Sender Domain

  • URL analysis

  • Mail metadata

📩 This is the core view for threat hunting via mail object correlation.


🌐 3.4 Domain

Tracks sending domains flagged in prior scans.

| Field | Description |
|---|---|
| Sender Domain | Domain that sent malicious/spam emails |
| Verdict | SPAM / SUSPICIOUS / PHISHING |
| Actions | Add to Blacklist or Whitelist |

Includes domain reputation tracking. Allows inline enforcement through the Block/Allow modal.

🛠️ Helps quickly isolate problematic or abused senders across email campaigns.
