The Process Guard Module for FireEye Endpoint Security prevents attackers from obtaining access to credential data or key material stored within the Windows Local Security Subsystem Service (LSASS) process, thus protecting endpoints against common credential theft attacks.
Process Guard takes preventative actions on all processes by default, and this could impact any legitimate application to not function as expected. There is a whitelisting feature that allows admins to bypass the preventative actions of Process Guard by specifying a full process path as excluded process. This alleviates any issues with incompatible legitimate applications that require full system access to perform normal operations.
This technical preview release of Endpoint Agent Console is supported on Endpoint Security 5.0 with xAgent v31.0+
As this is a tech preview module, the usual support SLAs don’t apply to the module. You can also provide feedback to the module team through the email listed below.
|Resources:||Process Guard User Guide|
|Process Guard Release Notes|
|FireEye Endpoint Security|
|Last Updated:||July 1, 2020|
|Requirements:||FireEye Endpoint Security 5.0 with xAgent 31.0+|