has anyone an information if the functionality in the TIE Module for VSE or for Endpoint 10 will be extended to block non executable code as well??
Background: We are implementing "none McAfee" and "none SIA Partner" products into TIE. At the moment we are implementing any vendor who is able to generate hashes and reputation levels.
Problem: An e-mail appliance generates a sha256 hash of malicioues files. So we can add the hashes to TIE, but we have no enforcement on endpoint.
Any ideas?? Any Information??
At present there isn't much you can do. However, if you have data on a malicious file, can you also see if it drops PE files? If you can get those hashes as well you can block those.