Right now, it is possible to list ALL “applications” installed on each and every endpoint. You can also list ALL “processes” running on each and every endpoint. As well, you can list ALL “services” in all endpoints.
Is it possible to add one more option into the list? UNRECOGNIZED files (running in sandbox) on each and every endpoint. That would be lovely! And from there, to see further information with double click to the see the location/path, and any other important information about each file listed.
As for ACTIONS concerns, it would be nice to be able to add the file to trusted or blocked list from there. And also to be able to send the files to valkyrie or virustotal.
Is it possible to have that option added to ESM? Pretty please? ;D
(please see attached image so you can understand better what I am talking about).
[attachment deleted by admin]