Process Guard Module
The Process Guard Module for FireEye Endpoint Security prevents attackers from obtaining access to credential data or key material stored within the Windows Local Security Subsystem Service (LSASS) process, thus protecting endpoints against common credential theft attacks.
Process Guard takes preventative actions on all processes by default, and this could impact any legitimate application to not function as expected. There is a whitelisting feature that allows admins to bypass the preventative actions of Process Guard by specifying a full process path as excluded process. This alleviates any issues with incompatible legitimate applications that require full system access to perform normal operations.
This technical preview release of Endpoint Agent Console is supported on Endpoint Security 5.0 with xAgent v31.0+
As this is a tech preview module, the usual support SLAs don’t apply to the module. You can also provide feedback to the module team through the email listed below.
Downloading this app requires a FireEye subscription to use and is only accessible for FireEye users with an active FireEye Support account. If you already have an account, please . Otherwise, please Request Support Access or Contact Sales to learn more about becoming a FireEye customer.
Support
| Developer: | FireEye |
| Supported By: | FireEye |
| Contact: | |
| Resources: | Process Guard User Guide |
| Process Guard Release Notes | |
| FireEye Endpoint Security |
Module Info
| Version: | 1.3.1 |
| Last Updated: | July 1, 2020 |
| Platform: | Windows |
| Requirements: | FireEye Endpoint Security 5.0 with xAgent 31.0+ |
| Size: | 10.97 MB |
| MD5: | 18927137DACD66FEC87CDB9C666250F3 |
| SHA1: | 305A2352596B6A5A5C4F297E6061F8C762373D80 |
| SHA256: | 99DE6F71949E5DC30693868253FDE77CE21AA6D247797B8824EF799084A4DE82 |