Antivirus

Antivirus Ontology Model

| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| objectid | ObjectID | The object ID of the antivirus object | Yes | None |
| engine_name | Keyword | Name of antivirus engine | Yes | None |
| engine_version | Keyword | Version of antivirus engine | Optional | None |
| engine_definition_version | Keyword | Version of definition set | Optional | None |
| virus_name | Keyword | The name of the virus | Optional | None |
| category | Enum | What category does the verdict fall under? Values: "failure", "malicious", "suspicious", "type-unsupported", "undetected" | Optional | None |

category values:
  • type-unsupported: File sent to antivirus is unsupported
  • undetected: File not detected by antivirus
  • failure: Antivirus failed during detection
  • suspicious: Antivirus deems suspicious
  • malicious: Antivirus deems malicious