Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Mikael_Bygren
Explorer

Manage goto meeting / webex downloads

Hi.

How do you manage the different meeting systems download apps?

Sndblast keep alerting in logs as detected but with Severity=Low and Confidence Level=N/A

SandBlast Agent Threat Emulation has detected access to: C:\Users\USERNAME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XXUF8VS0\G2MCoreInstExtractor[1].exe. See attached report

I am thinking of changing the "Blade Activition" policy setting for the Anti-Bot agent to ignore Confidence Level=Low. Today it is detect on Low and prevent on High and Medium.

Is a change like that safe, or is it better to keep it as is an filter the events, logs and reports?

1 Reply
PhoneBoy
Admin
Admin

I would keep it as a filter versus not logging Low Confidence triggers.

Low Confidence events could lead to higher confidence ones later on. 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events