Security Center allows you to use the quarantine operation to handle certain types of alerts online.

Which types of alerts can be handled by the quarantine operation?

You can handle two types of alerts by the quarantine operation. After you confirm that an alert is not a false positive, find it in the Security Center console. Click Processing in the Actions column to quarantine the malicious process and webshell files.

The two alert types are as follows:
  • Malicious process-DDoS trojans
  • Webshells

All the other alerts have to be handled offline on your servers. You can view the solution for each alert on the alert details page.


Where can I view the quarantined files?

In the left pane of the Security Center console, choose Alerts > Quarantine.

For more information on operations in the quarantine, see Quarantine.