Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Application Monitoring and sort out good and unknown(possible Threats)

Created: 12 Jul 2012
toby's picture
4 Agree
0 Disagree
+4 4 Votes
Login to vote

Hello,

as with SEP you have the possibility to monitor applications that will create a detailed entry in the database table dbo.SEPM_APPLICATION it could be sorted out the good and unknown files mentioned.

I personally would see options for that, like to take the information from the database and check the Symantec File Reputation Database or the National Software Reference Library(NSLR) etc.

This will show you what is the application status of your running applications and you can trigger actions based on what you see.

If an integration like this is feasible, may I also point out to consider enterprises and to not do a bulk upload of the files when the feature is enabled as in certain infrastructures the table can contain more million entries...

Cheers toby