The Process Guard Module for FireEye Endpoint Security prevents attackers from obtaining access to credential data or key material stored within the Windows operating system, thus protecting endpoints against common credential theft attacks.
Note: Process Guard takes preventative actions on all processes by default, and this could cause poorly written software to not function as expected. A whitelisting feature is available to support instances where this compatibility is required. Install instructions are provided as part of the module documentation. It is highly recommended that all documentation be read before considering a deployment. As this is a tech preview module, the usual support SLAs don’t apply to the module. You can also provide feedback to the module team through the email listed below.
|Resources:||Module User Guide|
|FireEye Endpoint Security Module - Process Guard v1|
|FireEye Endpoint Security|
|Last Updated:||February 6, 2020|
|Requirements:||FireEye Endpoint Security Server 4.9.x and Agent 30/31|