Elastic Endpoint is an EDR product; the malicious binary payload should be detected upon execution. This is similar to the “scan files upon modification” option, where you can opt out of it to improve performance but you still have a guarantee that a malicious executable at rest won’t be allowed to execute.
lesio
(Leszek Kubik)