Process Guard Module

The Process Guard Module for FireEye Endpoint Security prevents attackers from obtaining access to credential data or key material stored within the Windows Local Security Subsystem Service (LSASS) process, thus protecting endpoints against common credential theft attacks. 

Process Guard takes preventative actions on all processes by default, and this could impact any legitimate application to not function as expected. There is a whitelisting feature that allows admins to bypass the preventative actions of Process Guard by specifying a full process path as excluded process. This alleviates any issues with incompatible legitimate applications that require full system access to perform normal operations. 

This general availability release of Process Guard is supported on Endpoint Security 5.0 with xAgent v32.30.10 (v32MR)

Note: Process Guard 1.4.1 will NOT work on Endpoint Security 4.9.x and xAgent v32.30.0 or lower

Authentication RequiredDownloading this app requires a FireEye subscription to use and is only accessible for FireEye users with an active FireEye Support account. If you already have an account, please . Otherwise, please Request Support Access or Contact Sales to learn more about becoming a FireEye customer.

Support

Developer:FireEye
Supported By:FireEye
Contact:Email
+1-877-347-3393
Resources:Process Guard Release Notes
Process Guard User Guide

Module Info

Version:1.4.1
Last Updated:November 13, 2020
Platform:Windows
Requirements:FireEye Endpoint Security 5.0+ with xAgent 32.30.10+
Size:16.92 MB
MD5:BFC940E9CDA4A066D8ADB3E21804AC74
SHA1:B294170BDD05C376A36C7CCC0AF25A92D7D1D5E6
SHA256:C7DDE94431D513BAA309DEC8E18B6195D3025A5BCEC22309D455010D9C055F2E

Similar Apps

Endpoint Security Module
Endpoint Security Module
Endpoint Security Module
Endpoint Security Module