Process Tracker Module

Process Tracker is an HX Innovation Architecture module designed to recognize unique file executions on an endpoint and report these executions to HX. If enrichment is enabled, all process execution events are enriched using the standard Enricher workflow. If alerting is enabled, all events deemed malicious by Enricher raise a generic alert of type “PRO”. Further, if auto-triage is enabled, standard triage collection initiates automatically on the endpoint associated with the alert.

Process Tracker caches execution events for a configurable amount of time. These events can be analyzed in the user interface, which provides a searchable grid view. Custom filters can be configured and saved. All data within the grid is accessible via REST API for integration with your custom solution. Real-time access to events and alerts is also available via the HX message bus.

This general availability release of Process Tracker is supported on Endpoint Security 5.0 with xAgent 32.

This release replaces the technical preview release of Process Tracker. The technical preview is not upgradeable: you must uninstall the technical preview, then install this general availability release.

Authentication Required

Downloading this app requires a FireEye subscription, and the download is only accessible to FireEye users with an active FireEye Support account.

Module Info

Version: 1.2.4
Last Updated: May 15, 2020
Platform: Linux, macOS, Windows
Requirements: FireEye Endpoint Security 5.0 with xAgent 32+
Size: 30.16 MB
MD5: FC4DFD20075329B68AB4B4B854BBB069
SHA1: 6E585F8E2891B256CCD61A377108624F2E9501FD
SHA256: 25474654F6E8B26A9C88D247C5F39FB187B01A4368B63CDAC44621F5AADB80E8
