Or investigators can search using industry standard OpenIOC or YARA rules. Searches can be made on parameters such as specific communications, specific malware, registry activity, account activity, and running processes. Investigators can search (or sweep) with multiple parameters. In addition, detailed root cause investigations can be made on each endpoint directly. Perform multiple searches or sweeps of this data without having to query each endpoint individually. The Apex One server only stores essential metadata of end user recorded data (or telemetry).

On this information is sent to the Apex One server to allow investigators to "sweep" for indicators of compromise (IoCs)

Server side IoC sweeping

Efficient endpoint recording

Endpoint Sensor records and stores information on system behaviors, communications and user behaviors. No more moving from one console to another. Threat hunting and detection investigation is performed within the workflow and console of Apex One and shows investigations across connected emails and servers.