Instructions what to do when you receive an email notification about a new broad context detection. Follow these instructions when you receive an alert of a new detection: Open the portal to check the details of the broad context detection. Check the risk level score of the detection and its details view, the list of […]
Best practices are instructions on how to best use F-Secure Elements Endpoint Detection and Response features. Source : Official F-Secure Brand Editor by : BEST Antivirus KBS Team
You can schedule daily, weekly, and monthly reports that contain information about the status of the service and connected devices. You can download reports as pdf files from the portal when they are ready. To create a new report: Log in to the portal with your email address and password. The Home view opens. Select the Reports tab. The Reports view […]
When you elevate the incident, the service alerts F-Secure analysts. Analysts will have access to the incident data to help them to solve the case. You need a valid subscription and unused elevate tokens to be able to elevate incidents. Note: Elevating incidents is available for Partner-level administrators only. To elevate the incident to F-Secure: Log […]
Some detections may require deeper analysis and guidance by specialized cyber security experts. If you cannot resolve an incident after your analysis, you can elevate the incident to F-Secure for help in resolving the broad context detection and instructions how to respond to it. You can elevate an incident to F-Secure when you need help […]
You can save your searches so that you can easily access them later without having to create same filtering rules again. To save your current filtering rules: On the Event Search tab, create a search filtering rule as described. Select the View field. The View dialog shows all filter views that you have created. Select the saved view from the list […]
The Event Search view shows the endpoint event data based on the currently selected filtering rules. Note: To change columns that are visible in the Event Search view, use either the Visible columns menu or open event details and then select to add the new column to the table. To search for events: Select the Event Search tab. The Event Search view shows you a […]
With Event Search, you can view the endpoint event data that sensors have collected. With this data, you can search for signs of threats or find more context for the incident that you are investigating already. Event Search is designed for advanced incident investigation. It allows you to filter and search for events based on […]
After you have analyzed and solved a broad context detection and after the incident is over, you can release isolated hosts back to the network. To release a host from the isolation: Select the Devices tab. Select the host that you want to release from the isolation. Select Release host and confirm the release. The selected host is released […]
You can isolate one or more devices from the network. To isolate a single host from the network: Select the Devices tab. Select the device that you want to isolate from the network. Select Isolate device and confirm the isolation. The selected device is isolated from the network. Source : Official F-Secure Brand Editor by : BEST Antivirus KBS […]