Campbell IT 4 Posted May 14, 2020 Posted May 14, 2020 I have found after working with ESMC 7.x for some time that the only way to permanently resolve detections is to run an In-depth scan with cleaning after a detection has occurred. Is there a way to configure ESMC so that when a desktop reports s detection, an in-depth scan with cleaning is scheduled automatically?
ESET Staff MartinK 384 Posted May 14, 2020 ESET Staff Posted May 14, 2020 I would recommend to create dynamic group for such devices: example can be found in older topics, for example here: Once devices are joining this group, you can attach specific actions to them, including task execution (on demand scan or maybe even network isolation task) and also policy that might configure product to schedule such scan. Also could you provide more details of what kind of detection are not cleaned automatically? Normally only detections that were not handled (not cleaned or deleted) are not resolved automatically in ESMC, which should not happen very often.
Campbell IT 4 Posted May 14, 2020 Author Posted May 14, 2020 I had several machines detect HTML/ScrInject.B and for weeks, the detections would show up as unresolved. I finally got some time where the user would let me work on the system for a couple of hours and the only way I could find to actually get the detections to resolve was to run an in-depth scan with cleaning. It baffles me because these detections were reported after a smart scan. If there is some other easy (albeit, not intuitive) way do resolve detections, I would love to hear it. Thanks.
Recommended Posts