This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Mikael_Bygren
Explorer
‎2018-05-11 06:57 AM

Manage goto meeting / webex downloads

Hi.

How do you manage the different meeting systems download apps?

Sndblast keep alerting in logs as detected but with Severity=Low and Confidence Level=N/A

SandBlast Agent Threat Emulation has detected access to: C:\Users\USERNAME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XXUF8VS0\G2MCoreInstExtractor[1].exe. See attached report

I am thinking of changing the "Blade Activition" policy setting for the Anti-Bot agent to ignore Confidence Level=Low. Today it is detect on Low and prevent on High and Medium.

Is a change like that safe, or is it better to keep it as is an filter the events, logs and reports?

1 Reply
PhoneBoy
Admin
Admin
‎2018-05-11 08:36 AM

I would keep it as a filter versus not logging Low Confidence triggers.

Low Confidence events could lead to higher confidence ones later on. 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top