
Tita314

Everything posted by Tita314

  1. Hello, does anybody realize integration of ESA with Cisco ISE? The question is: can we add the second factor ESA as additional protection for CISCO AnyConnect clients, who identify with CISCO ISE, using the MS Chap2 protocol?
  2. Peter, thank you very much! And where can I find information about the technical aspects: API settings, Yara rules, description of statuses, schedule of information updates and so on?
  3. Hello, Is there any news about ETI services documents?
  4. Hi everybody! I looked through the MITRE results. Good job! Do you have plans to include Linux detections?
  5. Thank you! And how about reports, documentation, etc. about this service to study? Especially about correlation with different APTs and MITRE?
  6. Hi everybody! Why is there no topic about ETI? I'm very interested in this service. Where can I learn more about it? Is there any information about APT in reports or context?
  7. Michalj, thanks, the information is very useful! I try to follow each ESET activity. It would be great if you could share real cases and the roadmap of developing the EEI. More information - more customers! Looking forward to the end of MITRE testing.
  8. @michalj Thank you for your answer. I mean referencing real-life users of the ESET EDR solution.
  9. Hi Marcos, can you guide me where to find real use cases of EEI in organizations around the world? I find only common information about ESET's customers on different sites, but it is not clear who integrated EEI.
  10. Michalj, thank you for your answer. It is very good news! Maybe you can declassify a few more features that are in development? We miss the news about improvements!
  11. Marcos, thanks for the quick answer! I mean, do you plan to organize automatic actions according to the broken rules?
  12. Good day, Marcos! Do you know something about the development of Automated Response in EEI? Maybe you know of some other future changes?
  13. So, that's the point. I try to find, for example, such a configuration of AV settings that can react to the threats to ESET's capabilities!
  14. Also, this article https://www.eset.com/sg/about/newsroom/press-releases1/whitepapers/dont-fall-for-poisoned-apples/ mentions "remediation". What does it mean and how is it realized?
  15. Hi everybody! I have a few questions about Enterprise Inspector. Can EEI register in some way a remote appeal to the ADMIN$ and C$ folders? Can EEI register the entering of a new network port into an interception mode? Can EEI detect outgoing scanning - massive appeal to an IP\host range?
  16. I would like to add about Cymulate and AV. No matter how much it costs, it has a special mode to detect how AV works. The first part of the test (the behaviour analysis) ESET passes excellently. But with the second one, something goes wrong. Because I know exactly that ESET knows this malware, and knows more signatures than another testing solution. I want ESET to help me produce the second part of testing according to their opportunities. To prove their high results from independent labs. It would be great if ESET had an hour to investigate this case with me. And we can publish the true results.
  17. Marcos, I will send you a report where all methods are described. We set the exception to the folder for the "Solution" and its agents. I hope it will be more clear when you read the document.
  18. So, I don't say that ESET is bad. I was surprised to see such results, knowing that ESET shows the best record in AV tests and so on. AV policy configuration is "max protection" (so, there is continuous real-time protection). I hope we can solve this task and find what is the matter.
  19. The thing is, ESET knows all this malware (according to VirusTotal). Hash of malware example: SHA-256 bceaa25d38775cf8ba6c21e77d62a1ea204b37bda59a25c0a4a56b97d97f0da4, SHA-1 e19cfa4a0b5e886f715d1ed86d4798d9b95e8b11, MD5 f2e4ac5d86d1ccbc322746a0f4d03f36, NAME 2018-08-21-downloaded-Word-doc-with-Macro-for-Hancitor_mail.doc. But as I find, ESET cannot recognise files as "infected" until: 1) it is not used in some process or 2) the user doesn't exploit the folder with this malware. And I cannot understand why it is so. Why does AV allow the existence of the infected files?
  20. OK, let me make it clear. We create a folder on disk C, without any password or any actions to hide it. After that the "solution" puts malware samples in this folder. So, AV doesn't detect them. What information can be useful to you to help us investigate it?
  21. The solution creates a special folder in which it puts examples of malware. The folder is not archived or locked with a password.
  22. Hi everybody! Does anybody know the detection method of Antivirus? I'll explain my question. I have a chance to test anything I want with a solution that allows providing an automatic "pentest". And I found out that ESET cannot detect infected files if they are not active (according to the test solution's method, malware is put in a PC folder for 2 minutes, and after that it must be deleted). During those 2 minutes ESET cannot detect the malware. So, that's why I have a question: is that the way ESET detects malware, only when it is active?