Process Guard Module

The Process Guard Module for FireEye Endpoint Security prevents attackers from obtaining access to credential data or key material stored within the Windows Local Security Subsystem Service (LSASS) process, thus protecting endpoints against common credential theft attacks. 

Process Guard takes preventative actions on all processes by default, and this could impact any legitimate application to not function as expected. There is a whitelisting feature that allows admins to bypass the preventative actions of Process Guard by specifying a full process path as excluded process. This alleviates any issues with incompatible legitimate applications that require full system access to perform normal operations. 

This technical preview release of Endpoint Agent Console is supported on Endpoint Security 5.0 with xAgent v31.0+

As this is a tech preview module, the usual support SLAs don’t apply to the module. You can also provide feedback to the module team through the email listed below.

Authentication RequiredDownloading this app requires a FireEye subscription to use and is only accessible for FireEye users with an active FireEye Support account. If you already have an account, please . Otherwise, please Request Support Access or Contact Sales to learn more about becoming a FireEye customer.


Supported By:FireEye
Resources:Process Guard User Guide
Process Guard Release Notes
FireEye Endpoint Security

Module Info

Last Updated:July 1, 2020
Requirements:FireEye Endpoint Security 5.0 with xAgent 31.0+
Size:10.97 MB

Similar Apps

Endpoint Security Module
Endpoint Security Module
Endpoint Security Module
Endpoint Security Module