In General settings, you can toggle the analysis of file entropy and magic numbers, a critical feature for determining file encryption. The entropy analysis inspects the file header for randomness, indicative of encryption. Magic numbers analysis assesses the file signature to identify standard file extensions, indicating unencrypted files.
The file entropy and magic numbers analysis are crucial in verifying file encryption in the incidents feature and minimizing false positives in the threshold strategy. Activating the Check file entropy on anomaly detection option in GuardMode Agent initiates the analysis.