What's new in 1.6
•Granular User Access rights (permission sets in ESET PROTECT)
•Incidents view
•Remote Connection method (available in Server Settings)
•"Lightweight" mode (ability to configure the product to reduce the number of stored low-level data and shorten data retention to achieve more than 10x decrease in database size)
Note A low-level event is something a process does. So, write a file, do a DNS lookup, create a registry entry, etc. These can be seen in the Events view. |
Reduction of “Detection overload”
•Learning mode
•Protection against noisy Rules
•Default Exclusions suggestions
•Profile-based configuration in the installer to set up the product for various user types:
oChoice of 3 preset Profiles
oChoice of Rules to enable based on four Severity levels
oChoice of Data collection options
oChoice of Data retention periods
Database improvements
•Event Filters created automatically for noisy Computers
•DB Purge process improvement
•Display estimated DB required space on Dashboard
•Warning for sub-optimal DB configuration
•Warning in case of lack of space
User Interface improvements
•Questions view
•Improved Details view
•Filtering in Raw Events view
•Categorization for Rules
•Expose PEDrop module hash in UI
Detection capability improvements
•Ability to detect brute-forcing of accounts
•Ability to detect misuse of trusted DLLs
•Ability to monitor discovery techniques using the WMI GetObject method
•Re-evaluation of Rules severity values (based on latest telemetry statistics)
•Change of Rule set to reflect the compromised flag
REST API improvements
•Ability to disable/enable Rules
•Ability to create/manage Exclusions
•Ability to trigger Network Isolation
•Added Trigger Event for Detections
Other improvements
•Ease of deployment – All-in-one installer with EEI Agent (ESET PROTECT 8.1 required)
•Performance and scaling improvements
•Renaming of ESMC to ESET PROTECT within the EEI interface