- At this point, your end-users should have already installed the sensor/agent/installer to their computer/laptop/server and it is successfully running. If they haven't, this article might have the information on step by step guide on how to self-install the sensor/agent/installer package to their computer/laptop/server.
- The Endpoint Protection with EDR powered by WithSecure will automatically facilitate remediation and response to any detection of threats to your environment.
The Infections report allows you to easily monitor all infections detected and handled by Endpoint Protection with EDR powered by WithSecure that have to install sensor/agent/installer to your end-users computer/laptop/server.
- Details of any infections that have been detected and handled so far.
- Actions are taken by the installed Endpoint Protection with EDR powered by WithSecure to protect the device.
The report can be exported for further reference. You can also set up email alerts to notify designated individuals each time an Endpoint Protection with EDR powered by WithSecure device performs a specific action while handling an infection.
You can view the following column to learn more about the detected infections:
- The date and time when the infection was reported.
- The assigned name for the device with the infection. On clicking the name, the device details page will be displayed.
- The name of the malicious program that infected the computer. On clicking the name, a web browser page will open displaying further information on the malicious program.
- The type of infection. There are three possible types:
|Malware||A program that performs one or more actions that are harmful to the device or data saved on it|
|Spyware||A program that sends out or keeps data that can be used to track a specific device or user|
|Riskware||A program that may introduce a security risk if it is used inappropriately|
- The action was taken by the Endpoint Protection with EDR powered by WithSecure product. Possible actions include:
|Blocked||The infected object has been blocked from performing any further actions. Other files are not permitted to access a blocked object.|
|Renamed||The infected object has been renamed.|
|Stopped||Any current action being performed by the infected object has been halted.|
|Deleted||The infected object has been deleted.|
|Reported||The infected object has been reported to our analysis systems.|
|Disinfected||The malicious code has been deleted from the infected object|
|Quarantined||The infected object has been moved to a safe repository for files that may be harmful.|
|Blocked and asked for further action from the user||The infected object has been blocked from performing any further actions. A dialog message has been shown to the user to ask what further action they would like to pursue|
|The name of the object (for example, a program, a document file, or a database) that has been infected|