This is a functionality test to evaluate the effectiveness of the behavior detection engine. It demonstrates a safe way of generating an alert. It also allows users to assess Endpoint Central's Next-Gen Antivirus (NGAV) capabilities and provides an overview of how detection operates without impacting actual files on your system.
Before proceeding further, make sure the Endpoint Central agent is installed and that the NGAV add-on is enabled. To check that the NGAV software is working successfully, follow the steps below:
The state is listed as running, indicating that the NGAV software is operational.
Kindly follow the steps below to run the .exe process and generate the first malware detection:
A notification for the process is shown, and the process is flagged as a malicious incident. It is listed in the console under the Incidents tab.
In the Incidents tab, a new alert appears, detected by the Behavior Detection engine.
Click on the incident to expand the detection for additional details. The Summary tab gives an overview of the suspicious process.
The Alerts tab encompasses the complete forensic data, including the process tree of the particular incident. Under the Devices tab, you can view the endpoints affected by the incident.