Process Guard Module
The Process Guard Module for FireEye Endpoint Security prevents attackers from obtaining access to credential data or key material stored within the Windows Local Security Subsystem Service (LSASS) process, thus protecting endpoints against common credential theft attacks.
Process Guard takes preventative actions on all processes by default, and this could impact any legitimate application to not function as expected. There is a whitelisting feature that allows admins to bypass the preventative actions of Process Guard by specifying a full process path as excluded process. This alleviates any issues with incompatible legitimate applications that require full system access to perform normal operations.
This general availability release of Process Guard is supported on Endpoint Security 5.0 with xAgent v32.30.10 (v32MR)
Note: Process Guard 1.4.1 will NOT work on Endpoint Security 4.9.x and xAgent v32.30.0 or lower
Downloading this app requires a FireEye subscription to use and is only accessible for FireEye users with an active FireEye Support account. If you already have an account, please . Otherwise, please Request Support Access or Contact Sales to learn more about becoming a FireEye customer.
Support
| Developer: | FireEye |
| Supported By: | FireEye |
| Contact: | |
| +1-877-347-3393 | |
| Resources: | Process Guard Release Notes |
| Process Guard User Guide |
Module Info
| Version: | 1.4.1 |
| Last Updated: | November 13, 2020 |
| Platform: | Windows |
| Requirements: | FireEye Endpoint Security 5.0+ with xAgent 32.30.10+ |
| Size: | 16.92 MB |
| MD5: | BFC940E9CDA4A066D8ADB3E21804AC74 |
| SHA1: | B294170BDD05C376A36C7CCC0AF25A92D7D1D5E6 |
| SHA256: | C7DDE94431D513BAA309DEC8E18B6195D3025A5BCEC22309D455010D9C055F2E |