Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
L__Miguel_Aucat
Explorer

Problem when install Workforce AI Security Agent with third-party EDR

We're testing a client's Workforce AI Security solution. In the stations, there is an EDR that uses Trend Micro, and when we try to install the agent on several stations (not all), a message appears from this EDR indicating an alert for a detection.
I think is a kind of false positive detection, however I don´t have an official evidence or response about the .exe file to demonstrate the case. Can anybody help me to determine in the best way or provide some information to support the valid use of the executable for GenAI Protection and relieve the concern about the program? Because we try to introduce the solution and the client does not have experience in Check Point products, and when the alert appears trigger his suspicion.
 
The alert appears over mcp-protect-windows-remote-x86_64.exe, and the name of detection (in TrendMicro) indicates Troj.Win32.TRX.XXPE50F13034. I attached a screenshot.
0 Kudos
2 Replies
PhoneBoy
Admin
Admin

From looking at the screenshot, it seems like an accurate description of what our Workforce AI Security Agent does.
The issue would have to be addressed on the Trend Micro end.

0 Kudos
L__Miguel_Aucat
Explorer

Thanks for your reply, but, do you have an official link or document that demonstrate the process that include references to the executable (mcp-protect-windows-remote-x86_64.exe) or related process for illustrate the points in which it acts in this way.  It's difficult to tell a new client: "That's just how it works" without evidence. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Useful Links

Will be added shortly