SOCaaP automatically generates weekly reports, however I am noticing that they dont contain any “Malware Detected Activity”, even when I specifically have downloaded files to the endpoint that CCS detects as malicious (for testing purposes). I have at least 2 previous incidents in SOCaaP showing the detections of those files.
Is it normal for the reports to not show this activity?
Edit:
Here is the definition of the weekly compliance report that I found:
| Endpoint compliance report | Weekly | Details such as total number of enrolled devices, last reporting status, Comodo anti-virus product version status, new malwares detected in past one week and so on. |
https://help.comodo.com/topic-466-1-…4-Reports.html
To me, that sounds like activity should be reported. The incidents in my SOCaaP are labeled as “Malware Activity”, so why am I not seeing that in the weekly compliance report?