How to deploy the GetSusp utility to computers using ePolicy Orchestrator
Last Modified: 2023-06-01 16:46:37 Etc/GMT
Technical Articles ID: KB70405
Environment
ePolicy Orchestrator (ePO) 5.x
GetSusp 5.x

Summary
GetSusp is a free tool that helps you find and log undetected malware, and automatically submit samples to the Trellix Advanced Research Center. To find suspicious files, GetSusp uses heuristics and compares samples against the Trellix Global Threat Intelligence (GTI) database of known clean files. When you analyze a suspect computer, use GetSusp first.

IMPORTANT: Download the ePO-deployable version of GetSusp and the ePO extension reports package from the GetSusp landing page.

To deploy GetSusp with ePO:
Parameters that you can use in the Command-line field within the GetSusp Deployment Task