Security Center allows you to use the quarantine operation to handle certain types of alerts online.

Which types of alerts can be handled by the quarantine operation?

You can handle two types of alerts by the quarantine operation. After you confirm that an alert is not a false positive, find it in the Security Center console. Click Processing in the Actions column to quarantine the malicious process and webshell files.

The two alert types are as follows:
  • Malicious process-DDoS trojans
    恶意进程
  • Webshells
    网站后门

All the other alerts have to be handled offline on your servers. You can view the solution for each alert on the alert details page.


解决方案

Where can I view the quarantined files?

In the left pane of the Security Center console, choose Alerts > Quarantine.
文件隔离箱
查看隔离文件

For more information on operations in the quarantine, see Quarantine.