AhmedDeban 1 Posted May 29 Share Posted May 29 Dears , I need to check how to check clients which installed ESET Endpoint Security , How to check if he do the abnormal activity from the web console, for example tries to pause protection or disable firewall ? Thank Link to comment Share on other sites More sharing options...
Administrators Marcos 4,841 Posted May 29 Administrators Share Posted May 29 Please elaborate more on what you mean by abnormal activity. You can check for suspicious operations in your network in ESET Inspect if you have purchased it and installed the EI connector on clients. Link to comment Share on other sites More sharing options...
AhmedDeban 1 Posted May 29 Author Share Posted May 29 1 minute ago, Marcos said: Please elaborate more on what you mean by abnormal activity. You can check for suspicious operations in your network in ESET Inspect if you have purchased it and installed the EI connector on clients. abnormal activity , I already elaborate with example client tries abnormal events authorize disable or pause the ESET failed tries I hope this clear Link to comment Share on other sites More sharing options...
Administrators Marcos 4,841 Posted May 29 Administrators Share Posted May 29 Entering a wrong password repeatedly is not considered suspicious by ESET Inspect. However, it uses about 1260 pre-defined rules to detect and possibly remediate suspicious operations on clients and allows for creating custom rules as well. For more information about ESET Inspect, please read https://www.eset.com/int/business/solutions/xdr-extended-detection-and-response/. Link to comment Share on other sites More sharing options...
AhmedDeban 1 Posted May 29 Author Share Posted May 29 2 hours ago, Marcos said: Entering a wrong password repeatedly is not considered suspicious by ESET Inspect. However, it uses about 1260 pre-defined rules to detect and possibly remediate suspicious operations on clients and allows for creating custom rules as well. For more information about ESET Inspect, please read https://www.eset.com/int/business/solutions/xdr-extended-detection-and-response/. Thanks for your reply , " it uses about 1260 pre-defined rules to detect and possibly remediate suspicious operations on clients and allows for creating custom rules as well " Do you mean Solution for XDR ? , I just need solution for anormal activity and ESET inspect will do as you explain ? Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 4,841 Posted May 29 Administrators Solution Share Posted May 29 Yes, I mean XDR. Other than that, you could create your own HIPS rules depending on what file or registry activity you would like to monitor. Link to comment Share on other sites More sharing options...
Recommended Posts