Jump to content

Security vulnerability exploitation - Action "detected" vs "blocked"


Go to solution Solved by Marcos,

Recommended Posts

I have a lot of servers reporting  "Security vulnerability exploitation attempt".

For most of them, action is blocked and threat marked as resolved.
Some, however, just have been "detected" and are neither resolved nor handled by product:



image.thumb.png.318200e9c57c9707e3a72b04593d6052.png

 

I found a similar topic from two years ago: https://forum.eset.com/topic/21933-security-vulnerability-exploitation/

There it was said that detected means blocked but wording might change:
https://forum.eset.com/topic/21933-security-vulnerability-exploitation/

image.png.cd9a4f04f9273fa61373163f8254ff87.png

 

So my question now would be: did the wording change already (blocked means blocked, detected means detected and not blocked) and the threat has indeed not been handled? If not, why do i get some "detected" and others "blocked" ?

Thanks, Simon.

 

Edited by simon_says
Link to comment
Share on other sites

  • Administrators
  • Solution

Is the action "Detected" also logged in the client's logs? As far as I can see, "Blocked" should be logged, however, at the moment I can't test what appears in the ESET PROTECT console.

image.png

Link to comment
Share on other sites

  • Administrators

I'll check it out with ESET PROTECT devs to make sure that the change is visible also in the console.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...