I've been looking on ePO for reports of the top 10 detected threats, but it is really confusing. Where can I look for what these names mean?
I have a lot of those... Is there some place where I can translate this to something that has more meaning to be analysed?
The ATP one refers to an untrusted file that will be contained if you have DAC blocking.
I'm speculating that the downloader one relates to maybe a lnk file that is set up to access remote content, such as described at https://www.rapid7.com/db/modules/exploit/windows/fileformat/cve_2017_8464_lnk_rce
Do you have MAR loaded? If so, that would give you the needed context.
Thanks, Dave. But I don't have MAR.
I just assumed that there should be some kind of documentation or map to explain exactly what these names refer to. I find some things on the Symantec web page but the names are a little different.