Jump to content

Recommended Posts

Posted

Hi,

Is there any option to block malware executing using Hash value in ESET? For example if I found Hash value of malware on virus total and I want to block that malware getting executing in our environment.

  • Administrators
Posted

This will be possible with ESET Enterprise Inspector which should become available for beta testing later this year.

Posted
16 hours ago, Marcos said:

This will be possible with ESET Enterprise Inspector which should become available for beta testing later this year.

Is this separate product or feature that will be integrated in ERA+EEA/EES ?

  • Administrators
Posted
18 minutes ago, bbahes said:

Is this separate product or feature that will be integrated in ERA+EEA/EES ?

It's a separate product. Support for EEI will be first added in Endpoint v6.5 and ERA v6.5.

Posted
1 minute ago, Marcos said:

It's a separate product. Support for EEI will be first added in Endpoint v6.5 and ERA v6.5.

Something like Sysinspector?

  • Administrators
Posted
9 minutes ago, bbahes said:

Something like Sysinspector?

It will be more than that :) For instance, you will be able to choose from dozens of behavioral rules pre-generated by ESET malware researchers and get alerted if any of the rules are hit on clients. This will also be reported to ERA.

Posted

So more like HIPS...I'm trying to understand where product fits :) Do you have any documentation ready?

  • ESET Staff
Posted

The product is EDR - Endpoint Detection and Response. Events will be reported to a dedicated server, which will then perform analysis, and report events back to ERA. There will be a "drill-down" to the EEI console, where you will be able to perform forensics investigation, and apply various filters to identify suspicious processes / executables. As of now, we do not have any public-facing documentation.  Only a high.level "teaser" leaflet

Posted (edited)
29 minutes ago, MichalJ said:

The product is EDR - Endpoint Detection and Response. Events will be reported to a dedicated server, which will then perform analysis, and report events back to ERA. There will be a "drill-down" to the EEI console, where you will be able to perform forensics investigation, and apply various filters to identify suspicious processes / executables. As of now, we do not have any public-facing documentation.  Only a high.level "teaser" leaflet

Will it have linux virtual appliance deployment option? Would love to hear some licensing options if possible :) I ask because we have been approached by company that offers similar thing but if you have this ready soon I will have to test it and talk with managers to hold purchase for this 3rd party product. I will send you PM who is this 3rd party vendor I'd like to hear your comment.

Edited by bbahes
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...