When there is an attack with on-prem, that system will go into isolation mode, removing connectivity to other internal systems. We view the firewall logs, and if there has been exposure, then we use the Application Isolation feature. They were really good." "If there is exposure, we need to investigate the source of the attack, e.g., whether it came from the network or externally. "Some of the most valuable features were antivirus, malware, and spyware. We're able to dig in and really understand how things came to be and where to focus our efforts." "The Threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great." It should protect all kinds of things that might happen on the servers, things that I cannot see." "Device Trajectory is one of the most valuable features. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP." "The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected." "The most valuable feature is signature-based malware detection." "I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source." "Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"Among the most valuable features are the exclusions. "It is extensive in terms of providing visibility and insights into threats.