This content has been marked as final. Show 1 reply
Is it possible for a managed endpoint with HIPS 8.0 to report on all security events that are logged within the Windows security event log
This is out of scope for Host IPS.
Also is possible for ePO to report on particular files that may exisit on an endpoint ?
A custom signature can be written for READ/WRITE/EXECUTE operations on a file, but not simply that a file exists (without a READ operation).