search cancel

Reviewing Endpoint Protection 15 Tamper Protection events in Cyber Defense Manager.

book

Article ID: 173949

calendar_today

Updated On:

Products

Endpoint Protection Endpoint Security

Issue/Introduction

The Target and Actor Process is not called out in the same way as Symantec Endpoint Protection Manager (SEPM) 14.x.

Resolution

  1. Login to Symantec Cyber Defense Manager and select Endpoint
  2. Select Alerts and Events
  3. Find and Select the Tamper Protection event. You can filter by severity Major and the Technology will be listed as Agent Framework.
  4. To find the Target and Actor scroll to the bottom and find Associated Artifacts. The first file listed will always be the Target.  The second file listed will be the Actor.