Jump to content

Malware blocking using Hash value


Shafiq
 Share

Recommended Posts

Hi,

Is there any option to block malware executing using Hash value in ESET? For example if I found Hash value of malware on virus total and I want to block that malware getting executing in our environment.

Link to comment
Share on other sites

16 hours ago, Marcos said:

This will be possible with ESET Enterprise Inspector which should become available for beta testing later this year.

Is this separate product or feature that will be integrated in ERA+EEA/EES ?

Link to comment
Share on other sites

  • Administrators
18 minutes ago, bbahes said:

Is this separate product or feature that will be integrated in ERA+EEA/EES ?

It's a separate product. Support for EEI will be first added in Endpoint v6.5 and ERA v6.5.

Link to comment
Share on other sites

1 minute ago, Marcos said:

It's a separate product. Support for EEI will be first added in Endpoint v6.5 and ERA v6.5.

Something like Sysinspector?

Link to comment
Share on other sites

  • Administrators
9 minutes ago, bbahes said:

Something like Sysinspector?

It will be more than that :) For instance, you will be able to choose from dozens of behavioral rules pre-generated by ESET malware researchers and get alerted if any of the rules are hit on clients. This will also be reported to ERA.

Link to comment
Share on other sites

  • ESET Staff

The product is EDR - Endpoint Detection and Response. Events will be reported to a dedicated server, which will then perform analysis, and report events back to ERA. There will be a "drill-down" to the EEI console, where you will be able to perform forensics investigation, and apply various filters to identify suspicious processes / executables. As of now, we do not have any public-facing documentation.  Only a high.level "teaser" leaflet

Link to comment
Share on other sites

29 minutes ago, MichalJ said:

The product is EDR - Endpoint Detection and Response. Events will be reported to a dedicated server, which will then perform analysis, and report events back to ERA. There will be a "drill-down" to the EEI console, where you will be able to perform forensics investigation, and apply various filters to identify suspicious processes / executables. As of now, we do not have any public-facing documentation.  Only a high.level "teaser" leaflet

Will it have linux virtual appliance deployment option? Would love to hear some licensing options if possible :) I ask because we have been approached by company that offers similar thing but if you have this ready soon I will have to test it and talk with managers to hold purchase for this 3rd party product. I will send you PM who is this 3rd party vendor I'd like to hear your comment.

Edited by bbahes
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...