Will Elastic Security / Endpoint Protection still protect/prevent malware without the rules enabled in the SIEM?
Hi,
Protection/prevention is based on the option you choose while creating endpoint protection policy(This will not depend on rules). By Default protection will be enabled.
And By default malware rule will be enabled.