Jump to content

Malware blocking using Hash value

Shafiq

By Shafiq
in ESET Endpoint Products

 Share

Recommended Posts

Shafiq

Shafiq 0

Posted
Posted

Hi,

Is there any option to block malware executing using Hash value in ESET? For example if I found Hash value of malware on virus total and I want to block that malware getting executing in our environment.

Link to comment
Share on other sites
bbahes

bbahes 29

Posted
Posted
16 hours ago, Marcos said:

This will be possible with ESET Enterprise Inspector which should become available for beta testing later this year.

Is this separate product or feature that will be integrated in ERA+EEA/EES ?

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 4,713

Posted
  • Administrators
Posted
18 minutes ago, bbahes said:

Is this separate product or feature that will be integrated in ERA+EEA/EES ?

It's a separate product. Support for EEI will be first added in Endpoint v6.5 and ERA v6.5.

Link to comment
Share on other sites
bbahes

bbahes 29

Posted
Posted
1 minute ago, Marcos said:

It's a separate product. Support for EEI will be first added in Endpoint v6.5 and ERA v6.5.

Something like Sysinspector?

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 4,713

Posted
  • Administrators
Posted
9 minutes ago, bbahes said:

Something like Sysinspector?

It will be more than that :) For instance, you will be able to choose from dozens of behavioral rules pre-generated by ESET malware researchers and get alerted if any of the rules are hit on clients. This will also be reported to ERA.

Link to comment
Share on other sites
  • ESET Staff
MichalJ

MichalJ 430

Posted
  • ESET Staff
Posted

The product is EDR - Endpoint Detection and Response. Events will be reported to a dedicated server, which will then perform analysis, and report events back to ERA. There will be a "drill-down" to the EEI console, where you will be able to perform forensics investigation, and apply various filters to identify suspicious processes / executables. As of now, we do not have any public-facing documentation.  Only a high.level "teaser" leaflet

Link to comment
Share on other sites
bbahes

bbahes 29

Posted
Posted (edited)
29 minutes ago, MichalJ said:

The product is EDR - Endpoint Detection and Response. Events will be reported to a dedicated server, which will then perform analysis, and report events back to ERA. There will be a "drill-down" to the EEI console, where you will be able to perform forensics investigation, and apply various filters to identify suspicious processes / executables. As of now, we do not have any public-facing documentation.  Only a high.level "teaser" leaflet

Will it have linux virtual appliance deployment option? Would love to hear some licensing options if possible :) I ask because we have been approached by company that offers similar thing but if you have this ready soon I will have to test it and talk with managers to hold purchase for this 3rd party product. I will send you PM who is this 3rd party vendor I'd like to hear your comment.

Edited by bbahes
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...