
3. Analyzed

📖 Overview

The Analyzed section provides a full forensic archive of all previously scanned objects — including files, URLs, emails, and domains. Each entry is tagged with a verdict (e.g., MALICIOUS, SUSPICIOUS, CLEAN), along with timestamped analysis results.

This module functions as a centralized threat intelligence archive, enabling security analysts to review, trace, and act on past security incidents.


🔬 3.1 Files

Displays every scanned file (usually attachments) from your email traffic.

| Field | Description |
|---|---|
| File Name | Unique name or hash of the file |
| Analysis Time | When the file was scanned |
| Verdict | Result (e.g., MALICIOUS, CLEAN, MAX FILE SIZE) |
| Actions | Email link, contextual detail button |

Use Cases:

  • Investigate file-based malware campaigns

  • Track file re-use across emails

  • Identify common malicious payloads (.zip, .rar, .tar, etc.)

🛡️ Files marked as MALICIOUS are automatically quarantined.


🔗 3.2 URL

Lists all scanned URLs from email content or headers.

| Field | Description |
|---|---|
| URL Address | Full link found in email or file |
| Analysis Time | Date/time it was scanned |
| Verdict | MALICIOUS / SUSPICIOUS / CLEAN |
| Actions | View in context or add to blacklist |

Use Cases:

  • Detect phishing and credential-harvesting links

  • Investigate shortened URLs or obfuscated redirectors

  • Flag suspicious tracking or C2 infrastructure

🔍 All URLs are evaluated through real-time link sandboxing and threat intel feeds.


📧 3.3 Mail

Full log of email-based security events.

| Field | Description |
|---|---|
| Mail ID | Unique ID for the email object |
| Sender | Origin email address |
| Recipient | User inbox address |
| Verdict | SPAM / PHISHING / BLOCKED WORDS / MAX SIZE / SUSPICIOUS |
| Actions | View full email forensic analysis |

Tabs Inside:

  • Attachments

  • Sender Domain

  • URL analysis

  • Mail metadata

📩 This is the core view for threat hunting via mail object correlation.


🌐 3.4 Domain

Tracks sending domains flagged in prior scans.

| Field | Description |
|---|---|
| Sender Domain | Domain that sent malicious/spam emails |
| Verdict | SPAM / SUSPICIOUS / PHISHING |
| Actions | Add to Blacklist or Whitelist |

This view includes domain reputation tracking and allows inline enforcement through the Block/Allow modal.

🛠️ Helps quickly isolate problematic or abused senders across email campaigns.


Last updated 9 days ago