CPC G06F 21/554 (2013.01) [G06F 21/53 (2013.01); G06N 5/04 (2013.01); G06N 20/00 (2019.01); G06F 2221/033 (2013.01)] | 20 Claims |
1. A non-transitory computer-readable storage medium having computer-readable code stored thereon for programming one or more processors to perform steps of:
obtaining a file associated with a user for processing;
utilizing a combination of policy for the user and processing of the file with machine learning to determine whether to
i) quarantine the file and scan the file in a sandbox,
ii) allow the file to the user and scan the file in the sandbox, and
iii) allow the file to the user without the scan;
responsive to the allow the file, sending the file to the user independent of the sandbox;
responsive to the quarantine of the file and the sandbox determining the file is malicious, blocking the file; and
responsive to the quarantine of the file and the sandbox determining the file is benign, allowing the file.
|