Elastic endpoint agent for malware detection


Geoff Nordli

Oct 16, 2020, 4:08:03 PM
to Wazuh mailing list
Hi.

It seems the new Elastic endpoint management has some good protection
features.

https://www.elastic.co/endpoint-security/

At some point will Wazuh be able to leverage that technology?

thanks,

Geoff

Yana Zaeva

Oct 22, 2020, 8:27:43 AM
to Wazuh mailing list
Hi Geoff,

First of all, my apologies for the late response. Regarding your question, you can approach something similar to that technology using the Active response module, for which I will leave the information here: https://documentation.wazuh.com/3.13/user-manual/capabilities/active-response/how-it-works.html

You can use it alongside the several anomaly detection modules we have enabled, such as rootcheck and syscheck. You can check this link for further information about it: https://documentation.wazuh.com/3.13/user-manual/capabilities/anomalies-detection/index.html

Lastly, in this file, you will be able to find information about what's on the road for following Wazuh versions: https://github.com/wazuh/wazuh/blob/master/CHANGELOG.md#v400--

Hope I was helpful. Let me know if you have any doubts.

Regards,
Yana.