
Malware Detection and Removal with WithSecure EDR

Nganga
Nganga Member Posts: 15 Junior Protector

Hello,

I would like to know whether the malware detected by the WithSecure EDR is also removed by it, or simply detected?

Here is an image:

Thanks in advance for your reply,

Answers

  • Sethu Laks
    Sethu Laks Staff, Moderator Posts: 266 W/ Moderator

    Hi @Nganga

    At the moment, we only have English support available to respond to inquiries. We are concerned that we might misunderstand your original message if we continue relying on Google Translate. Please assist us by posting your query in English. Thank you for your understanding.

  • LiselotteP
    LiselotteP Staff, Community Manager Posts: 395 Threat Terminator

    @Nganga wants to know if the malware detected by WithSecure EDR is also removed by it or just detected.

  • Nganga
    Nganga Member Posts: 15 Junior Protector

    I would like to know if the malware detected by WithSecure EDR is also removed by it, or if it is simply detected?

  • Sethu Laks
    Sethu Laks Staff, Moderator Posts: 266 W/ Moderator

    Hi @Nganga

    WithSecure Elements EDR (Endpoint Detection and Response) focuses primarily on detection and investigation of malware, not necessarily removal. Here's a breakdown:

    • Detection: WithSecure EDR excels at identifying suspicious activity and potential malware threats on your system. It analyzes various factors like file behavior, network traffic, and system registry changes to pinpoint threats.
    • Removal: While EDR might not always remove malware automatically, it provides valuable information to help you take action. You might see options within the EDR console to quarantine or isolate the detected malware. Additionally, the information gathered by EDR can help you choose the most appropriate removal tool or guide you through manual removal steps.

    Here's what WithSecure EDR can typically do to help with malware removal:

    • Identify the malware: It provides details about the detected threat, including its name, location, and potential impact.
    • Contain the threat: EDR might offer options to quarantine the infected files or restrict network access, preventing further damage.
    • Guide remediation: Based on the threat analysis, EDR can suggest appropriate removal tools or offer step-by-step instructions for manual removal.

    Here's what you might need to do for removal:

    • Manual Removal: With the information provided by WithSecure EDR, you can use security tools like specialized Elements Endpoint Protection, Computers Edition to attempt removal.
    • Security Professional: If the situation seems complex, consider seeking help from an IT security professional who can leverage EDR findings and implement a safe and effective removal strategy.

    In summary:

    • WithSecure EDR focuses on detection and investigation.
    • It may offer options for quarantine or isolation.
    • You might need to use additional Elements Endpoint tools or seek professional help for removal.

    For reference: https://www.withsecure.com/userguides/product.html#business/edr/latest/en/concept_89814E3063DA445AA0567E51BB855895-latest-en

    Best regards,
    Sethu
    Community Moderator | Technical Support Engineer
    WithSecure™ https://www.withsecure.com/en/home
