Shafiq 0 Posted February 26, 2017 Share Posted February 26, 2017 Hi, Is there any option to block malware executing using Hash value in ESET? For example if I found Hash value of malware on virus total and I want to block that malware getting executing in our environment. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,713 Posted February 26, 2017 Administrators Share Posted February 26, 2017 This will be possible with ESET Enterprise Inspector which should become available for beta testing later this year. Link to comment Share on other sites More sharing options...
Shafiq 0 Posted February 27, 2017 Author Share Posted February 27, 2017 Thanks Marcos for the reply Link to comment Share on other sites More sharing options...
bbahes 29 Posted February 27, 2017 Share Posted February 27, 2017 16 hours ago, Marcos said: This will be possible with ESET Enterprise Inspector which should become available for beta testing later this year. Is this separate product or feature that will be integrated in ERA+EEA/EES ? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,713 Posted February 27, 2017 Administrators Share Posted February 27, 2017 18 minutes ago, bbahes said: Is this separate product or feature that will be integrated in ERA+EEA/EES ? It's a separate product. Support for EEI will be first added in Endpoint v6.5 and ERA v6.5. Link to comment Share on other sites More sharing options...
bbahes 29 Posted February 27, 2017 Share Posted February 27, 2017 1 minute ago, Marcos said: It's a separate product. Support for EEI will be first added in Endpoint v6.5 and ERA v6.5. Something like Sysinspector? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,713 Posted February 27, 2017 Administrators Share Posted February 27, 2017 9 minutes ago, bbahes said: Something like Sysinspector? It will be more than that For instance, you will be able to choose from dozens of behavioral rules pre-generated by ESET malware researchers and get alerted if any of the rules are hit on clients. This will also be reported to ERA. Link to comment Share on other sites More sharing options...
bbahes 29 Posted February 27, 2017 Share Posted February 27, 2017 So more like HIPS...I'm trying to understand where product fits Do you have any documentation ready? Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 430 Posted February 27, 2017 ESET Staff Share Posted February 27, 2017 The product is EDR - Endpoint Detection and Response. Events will be reported to a dedicated server, which will then perform analysis, and report events back to ERA. There will be a "drill-down" to the EEI console, where you will be able to perform forensics investigation, and apply various filters to identify suspicious processes / executables. As of now, we do not have any public-facing documentation. Only a high.level "teaser" leaflet. Link to comment Share on other sites More sharing options...
bbahes 29 Posted February 27, 2017 Share Posted February 27, 2017 (edited) 29 minutes ago, MichalJ said: The product is EDR - Endpoint Detection and Response. Events will be reported to a dedicated server, which will then perform analysis, and report events back to ERA. There will be a "drill-down" to the EEI console, where you will be able to perform forensics investigation, and apply various filters to identify suspicious processes / executables. As of now, we do not have any public-facing documentation. Only a high.level "teaser" leaflet. Will it have linux virtual appliance deployment option? Would love to hear some licensing options if possible I ask because we have been approached by company that offers similar thing but if you have this ready soon I will have to test it and talk with managers to hold purchase for this 3rd party product. I will send you PM who is this 3rd party vendor I'd like to hear your comment. Edited February 27, 2017 by bbahes Link to comment Share on other sites More sharing options...
Recommended Posts