You can isolate one or more devices from the network. To isolate a single host from the network: Select the Devices tab. Select the device that you want to isolate from the network. Select Isolate device and confirm the isolation. The selected device is isolated from the network. Source : Official F-Secure Brand Editor by : BEST Antivirus KBS […]
After analyzing a broad context detection, you may want to isolate hosts from the network connections to avoid further harm to the environment. In order to isolate hosts, you must configure Windows group policies to allow F-Secure to control Windows Firewall. Note: Using the portal to isolate hosts works only with PSB + F-Secure Elements EDR […]
The criticality of a detection is partly based on the importance of the affected hosts. F-Secure Elements Endpoint Detection and Response classifies hosts into the following groups automatically based on processes running on them: Server Domain Controller Exchange Server Non-technical Sys Admin Developer Unknown (not enough data to determine the profile) The incident risk score […]
The risk level score shows the estimated risk of a detection in the customer environment. The risk level score is based on criticality and confidence of the detection. Criticality Criticality means the possible impact that the detection would have in the customer environment. It is based on the severity of the detection – how much […]
In some cases, it is best to inform the customer immediately about the incident. In other cases, it is best to gather further information before taking action on the detection. Before detections arrive in the portal, they have been thoroughly analyzed by multiple behavioral algorithms and combined via artificial intelligence into broad context detections – […]
As an automated response to an incident, you can isolate hosts for the companies you choose when F-Secure Elements Endpoint Detection and Response detects an incident that matches the criteria that you set. Note: Response actions work only with F-Secure Elements EDR and EPP for Computers, F-Secure Elements EDR and EPP for Computers Premium, F-Secure Elements […]
When sensors detect an anomaly in the customer environment, it shows up as a broad context detection in the portal. F-Secure Elements Endpoint Detection and Response sensors collect data on behavioral events in hosts where they have been installed to detect any anomalies. For example, if Microsoft Office runs a script that launches PowerShell, sensors […]
F-Secure Elements Endpoint Detection and Response lets you identify all harmful or otherwise unwanted and unknown applications, and the foreign destinations from the monitored hosts. It uses reputational data to identify potentially harmful applications in monitored organizations. In the applications overview, you can check that no new harmful or otherwise unwanted applications have been installed […]
Instructions what to do when you want to make sure that everything is alright in customer environments. To make sure that the system status is okay in all organizations that you monitor: Log in to the portal with your email address and password. The Home view opens. Check the Devices at risk pane. The Devices at risk pane includes up to […]
You can provide a designated individual, known as an administrator, with a user account with required rights in the portal. The service has an integrated user management with F-Secure Protection Service for Business. To create an administrator account: Log in to the portal with your email address and password. The Home view opens. Select the Solution selector […]