karsayor 8 Posted July 4 Share Posted July 4 Hello Currently evaluating ESET Inspect, I'm wondering about the default rules created by ESET but that have no user actions. If I understand correctly, once exclusions have been made by learning mode, we should be able to set protective actions to the rules, especially the threats rules. But afaik, there is No way to mass enable user actions on rules, so you have to edit them all 1 by 1 😐 No recommended user actions on rules. ESET should recommend default user actions for the rules they make because they know what is the best protective action for a rule What is the right way to deal with these ? We are a Service Provider and we cannot afford to go on each console of each customer to edit manually each rule.. Quote Link to comment Share on other sites More sharing options...
thae 11 Posted Tuesday at 06:12 AM Share Posted Tuesday at 06:12 AM Correct There are some Threat rules where a user action, like blocking, is set. E. g. B1005, it kills the process on this computer. Quote Link to comment Share on other sites More sharing options...
karsayor 8 Posted Thursday at 06:40 AM Author Share Posted Thursday at 06:40 AM Thanks for the feedback. It still feels like we are left alone with those users actions, they should do the job to the end and recommend us what user actions to do for each rules. They know best what impact / severity each threat has. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.