F-Secure for Home Security description (F-Secure) Use case: track assets coming from a custom source (for example Active Directory) (F-Secure). Use case: search discovered hosts (F-Secure) Use case: export web scan findings (F-Secure) Use case: export system scan findings (F-Secure) Use case: export system scan findings in XML format (F-Secure) Use case: check for vulnerabilities […]
Go to Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security – LDAP > Inbound Rules. Right-click and choose New Rule. Choose Custom and click Next. Choose This Program Path and enter %systemroot%\system32\svchost.exe. Choose Customize. Choose Apply to this service, then select Remote Procedure Call (RPC) with the short name RpcSs and click OK. Click Next and accept the pop-up warning. Select TCP as the Protocol type. Select RPC Endpoint Mapper as the Local Port and click Next. Specify […]
You can set how often Radar Endpoint Agent sends updated status information on vulnerabilities in the devices in your network to the Elements Security Center. Note: In addition to the scheduled status updates, endpoints automatically send any information to the Elements Security Center from scans that are triggered by changes to the installed software. Select the Settings page […]
This document contains information on the latest release of F-Secure Elements Endpoint Detection and Response. Overview F-Secure Elements Endpoint Detection and Response gives you contextual visibility into your security. With automatic advanced threat identification, your IT team or managed service provider can detect and stop targeted attacks quickly and efficiently. For more details, see the […]
All detected anomalies are not actual attacks. If you determine that the detection is not an attack and it has a too high risk level score, you can report the detection as a false positive. To request whitelisting: Log in to the portal with your email address and password. The Home view opens. Select the … item from the […]
You can use this test to view what an advanced attack in the organization network may look like in the F-Secure Elements Endpoint Detection and Response portal. For this test, you need: a Windows workstation that is running the Sensor, and an access to the F-Secure Elements Endpoint Detection and Response portal. Note: We recommend that […]
You can use this simple test to generate a monitored event on the endpoint to make sure that the Sensor is installed and working correctly. To run the test, follow these instructions: Log in to the monitored endpoint where you have deployed the sensor. Open the command prompt. Run the command to create a monitored […]
The forensics package is a zip archive that contains the following information about device. Note: The package is available for 14 days and contains the latest archive that has been collected from the device. Product and system information basic/product_info.txt Product version, license, update status, profile settings basic/settings.txt Product settings basic/systeminfo.log Operating system, hardware profile (memory and […]
This table lists some of the most common process activities that sensors detect. Abnormal file accesses The process is accessing multiple file types or system files without privileges, for example. Abnormal file modification The process is making unusual changes in system files, making files executable, or removing log files or executable files, for example. Abnormal […]
This table lists some of the most common incident types. Category Description Directed attack The attack targets a specific host. Lateral movement The attack moves between hosts while searching for the device that would be the eventual target of the attack. Spoofing The attack uses falsified data to try to disguise itself. Persistence The attack […]