Does Protections and settings work separately in Endpoint Security integration?

Hi all!
There's two configuration when you click Endpoint Security integration.
One is "Protections" and the other one is "Settings".
My question is : If you disable malware protection, does agent only collects events? Or does it just not work?
I wonder protection and collection work separately.


I'm pretty sure " Malware Protections Enabled toggle" controls Prevent and Detect, so if you toggle that off neither will work. So you want to leave the toggle on and have PREVENT checked on and you will collect events related to malware.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.