Home  >  APT29  >  Results  >  GoSecure  >  Configuration

GoSecure Configuration

Product Versions

Product Version: 5.8.4.192

Sensor Version: 5.8.4.43

Description

GoSecure Endpoint Detection and Response (EDR) utilizes both behavior-based detection capabilities along with real-time in-memory scanning to detect both known and unknown threats within an organization's environment. GoSecure EDR combines our patented Digital DNA technology with machine learning to have unparalleled insight into the code a process has loaded into memory. This unique approach allows GoSecure EDR to not only make real-time convictions on malware, but it also provides actionable context about what the process is capable of and what it might do in the future. GoSecure EDR also makes use of our proprietary behavior-based detection library, well suited (and continuously updated) to detect the various tactics, techniques, and procedures commonly used by advanced persistent threats.

Product Configuration

Sensor Profile: Default-Windows-Profile

Automated Response Policies: All policies enabled and set to alert only