BrianMorris 15 Posted August 24, 2021 Share Posted August 24, 2021 When EDTD stops an endpoint from running an unknown file, it puts the details in Detections > Submitted Files in PROTECT Cloud. It DOES NOT put any details in the Detections & Quarantines section in the detail of the endpoint itself in PROTECT Cloud. (See images attached) The practical effect of this is that a client will call that can't run an EXE and we look at the endpoint in PROTECT Cloud and see no evidence that ESET blocked anything. We have to check this other place (Detections > Submitted Files) to double-check. Could you make a new tab called EDTD to Detections & Quarantines area in the endpoint's detail? Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 434 Posted August 25, 2021 ESET Staff Share Posted August 25, 2021 (edited) Hello @BrianMorris One "workaround" is that if you click on a particular computer, navigate to computer details and in the overview section, you look at the "ESET Dynamic Threat Defense " TAB, there is a button to open "submitted files". That button will filter out the submitted files screen filtered out for that particular computer. However I do agree that having a direct visibility in the form of a separate tab is a good idea, and we will track it as an improvement towards future versions. Edited August 25, 2021 by MichalJ Link to comment Share on other sites More sharing options...
Recommended Posts