Version 1.9 brings you new features and improvements:
Incident improvements
•You can now report Incident with rule action ReportIncident in the rules syntax
•New Incident action was added called Invalid.
•Incidents inspected by ESET Services Representative (ESR) will have the new flag Investigated by ESET added after the name of the incident.
•You can now filter Incidents by their severity (Low/Medium/High) and their new status (Invalid) |
Detection capability/visibility improvements
•Monitoring of selected Win API calls
•Canary files for ransomware detection
•Processing of duplicate events for some event types
•Improved signals related to suspicious behavior sent to ESET Inspect from ESET Endpoint
•Detection for writing to multiple files
•Direct link between URL connections and dropped executables |
macOS & Linux improvements
•Ability to detect setting file attributes ("SetFileAttribute")
•Ability to detect and investigate a process deleting its files (commonly used by various malware) |
REST API Improvements (on premise)
•Incident Management
•You can now search for Executables and their metadata |
Multitenancy
•Target logic for Rules, Exclusions, Blocked Hashes
•Group access & visibility controlled via Access Rights
•Dashboard views with limitations |
ESET LiveGuard integration
•ESET Inspect now receives ESET LiveGuard Advanced scores by default
•You can now submit files for analysis manually from Process Details, Executable Details, Detection Details window or via rule action in the rules syntax. This feature is available from ESET PROTECT version 10.1 or later. |
New actions
Performance improvements
•Various database and general performance improvements |
