Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

More accurate logs in Application and device control

Created: 05 Nov 2012
Yoann WYFFELS's picture
4 Agree
0 Disagree
+4 4 Votes
Login to vote

Hi,

Application and device control mights be able to avoid some unknown threats infection by simply adding more details about what/who did the actions, and more details about the actions themselves.

For exemple, the "caller process name" is only reporting the exe file called to execute. In case of vbs script, only "wscript.exe" will be show in the log...: We need the full command line to know if the wscript.exe call is coming from a know vbs script or not...!

In other exemple, "write registry" only report registry path...But we didn't see the key name, and the key value...Which would be very useful to know if this a threat or not.