ESET Endpoint Security and ESET File Security

Each file detected by an ESET Dynamic Threat Defense-through ESET Endpoint Security or ESET File Security follows the submission process shown below. Use your policy settings to define security levels and cleaning actions for groups or single machines. File analysis follows a four-step process:

1. File scanning

The file is downloaded from the internet, copied to the computer or created. Your ESET security product processes and scans the file.

EP1

2. File analysis

If ESET decides the file needs to be analyzed, the file is sent for analysis and reported to ESET Security Management Center. If the analysis is not needed, the process ends.

EP2

3. Analysis results are shared

The results of the analysis are saved to a database in the ESET cloud. The database is synchronized every 2 minutes with ESET Security Management Center. All machines where ESET Dynamic Threat Defense is active have up-to-date information from ESET cloud.

EP3

4. Evaluate local policy

Analysis results are also sent back to your ESET security product. Your ESET security product will choose whether to take no action, clean or delete the file based on cleaning settings defined in your security policy. If the file is not clean, ESET kills any processes executed by the file before taking the action set in your policy.

The detection threshold is set in your ESET Endpoint Security / ESET File Security policy under Detection engine > Cloud-based protection > ESET Dynamic Threat Defense > Detection threshold

 

Action taken after a threat is detected is set in your ESET Endpoint Security / ESET File Security policy under Detection engine > Cloud-based protection > ESET Dynamic Threat Defense > Action after detection

 

EP4