Attachment: EICAR String Present
This rule detects the EICAR test string, used to evaluate Anti-Virus scanning and file inspection capabilities.
For performance reasons, this rule is limited to attachments with "eicar" in the file name.
Test against your own EMLs or sample data.
Get Started. Today.
Managed or self-managed. No MX changes.