Reviewing Endpoint Protection 15 Tamper Protection events in Cyber Defense Manager.
Article ID: 173949
The Target and Actor Process is not called out in the same way as Symantec Endpoint Protection Manager (SEPM) 14.x.
- Login to Symantec Cyber Defense Manager and select Endpoint
- Select Alerts and Events
- Find and Select the Tamper Protection event. You can filter by severity Major and the Technology will be listed as Agent Framework.
- To find the Target and Actor scroll to the bottom and find Associated Artifacts. The first file listed will always be the Target. The second file listed will be the Actor.