AhmedDeban 2 Posted May 29, 2023 Posted May 29, 2023 Dears , I need to check how to check clients which installed ESET Endpoint Security , How to check if he do the abnormal activity from the web console, for example tries to pause protection or disable firewall ? Thank
Administrators Marcos 5,734 Posted May 29, 2023 Administrators Posted May 29, 2023 Please elaborate more on what you mean by abnormal activity. You can check for suspicious operations in your network in ESET Inspect if you have purchased it and installed the EI connector on clients.
AhmedDeban 2 Posted May 29, 2023 Author Posted May 29, 2023 1 minute ago, Marcos said: Please elaborate more on what you mean by abnormal activity. You can check for suspicious operations in your network in ESET Inspect if you have purchased it and installed the EI connector on clients. abnormal activity , I already elaborate with example client tries abnormal events authorize disable or pause the ESET failed tries I hope this clear
Administrators Marcos 5,734 Posted May 29, 2023 Administrators Posted May 29, 2023 Entering a wrong password repeatedly is not considered suspicious by ESET Inspect. However, it uses about 1260 pre-defined rules to detect and possibly remediate suspicious operations on clients and allows for creating custom rules as well. For more information about ESET Inspect, please read https://www.eset.com/int/business/solutions/xdr-extended-detection-and-response/.
AhmedDeban 2 Posted May 29, 2023 Author Posted May 29, 2023 2 hours ago, Marcos said: Entering a wrong password repeatedly is not considered suspicious by ESET Inspect. However, it uses about 1260 pre-defined rules to detect and possibly remediate suspicious operations on clients and allows for creating custom rules as well. For more information about ESET Inspect, please read https://www.eset.com/int/business/solutions/xdr-extended-detection-and-response/. Thanks for your reply , " it uses about 1260 pre-defined rules to detect and possibly remediate suspicious operations on clients and allows for creating custom rules as well " Do you mean Solution for XDR ? , I just need solution for anormal activity and ESET inspect will do as you explain ?
Administrators Solution Marcos 5,734 Posted May 29, 2023 Administrators Solution Posted May 29, 2023 Yes, I mean XDR. Other than that, you could create your own HIPS rules depending on what file or registry activity you would like to monitor.
Recommended Posts