Will Elastic Security / Endpoint Protection still protect/prevent malware without the rules enabled in the SIEM?
Protection/prevention is based on the option you choose while creating endpoint protection policy(This will not depend on rules). By Default protection will be enabled.
And By default malware rule will be enabled.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.