The local malware detection engine statically analyzes and preclassifies files using
signatures provided by Cisco. If you enable this option,
the management center checks for signature updates once every 30 minutes.
Share URI from Malware Events with
Cisco
The system can send information
about the files detected in network traffic to the AMP
cloud. This information includes URI information
associated with detected files and their SHA-256 hash
values. Although sharing is opt-in, transmitting this
information to Cisco helps future efforts to identify
and track malware.