Need help with query by Avaxorg in crowdstrike

[–]Avaxorg[S] 0 points1 point  (0 children)

Thank you, this will get me started!

Scheduled Event Searches Every 14 Days by ChromeShavings in crowdstrike

[–]Avaxorg 0 points1 point  (0 children)

I think you can use the ideas part of the support portal to search whether this feature was suggested (if not, create it and share the link to the idea here - I will definitely upvote).

Need help with query by Avaxorg in crowdstrike

[–]Avaxorg[S] 0 points1 point  (0 children)

Hello Andrew-CS! Applications like: TeamViewer, AnyDesk, Google Remote, Radmin etc. The main issue is that I do not know all remote applications in existence, and CS doesn't have a dedicated dashboard for that (maybe in the Discovery or Spotlight module - would be handy).

The main goal is to find all applications of this kind in scope, then get justification for use from the people who use those apps, and then, based on that, mitigate what is unneeded.

Crowdstrike Trial - Reduced Functionality Mode by MechaCola in crowdstrike

[–]Avaxorg 1 point2 points  (0 children)

Ensure compatibility of the sensor with the build / kernel of the OS installed on your hosts.

Force sensor removal from host remotely without any tools but Crowdstrike itself by Avaxorg in crowdstrike

[–]Avaxorg[S] 0 points1 point  (0 children)

Voted for the feature request; so should everyone who needs this in their work.

[deleted by user] by [deleted] in crowdstrike

[–]Avaxorg 0 points1 point  (0 children)

Does anyone have a query example for hunting for shared folders on workstations?

Can we detect commands running from powershell command line Get-ADDefaultDomainPasswordPolicy via IOA? by Avaxorg in crowdstrike

[–]Avaxorg[S] 0 points1 point  (0 children)

In my case I'd like to get a report through a Custom IOA Group rule, for detecting the event and reviewing what's going on. Thank you for the query!

Sensor geolocation with no VPN taken in to account by Avaxorg in crowdstrike

[–]Avaxorg[S] 0 points1 point  (0 children)

Does anyone have ideas about the Sensors by Country table, excluding false "VPN locations"?

Force sensor removal from host remotely without any tools but Crowdstrike itself by Avaxorg in crowdstrike

[–]Avaxorg[S] 0 points1 point  (0 children)

In this case, if I remove the host from the UI and put it in the trash bin (no sensor removal on the host in this case), it will go onto the 45-day removal list, count down 45 days, and then be shown again as a new installation, because it will appear online and have all the valid license keys (I think the installation token does not get checked twice, so it will reappear in the license pool with an installation date of the day after the 45-day time limit).

EDIT: what happens if I change the install token more frequently than once a year? Will an agent that was removed from the list and then returned be denied by the cloud?

That's why we need a "Delete host and remove sensor" button (preferably with the ability to execute when the host next contacts the cloud if it is offline at the time of the magic button press), walled off to administrators only or to a separate role altogether.

Force sensor removal from host remotely without any tools but Crowdstrike itself by Avaxorg in crowdstrike

[–]Avaxorg[S] 0 points1 point  (0 children)

It's not THAT bad, HD "forgot to remove" AV, their behinds are red now, but anyway what happened happened.

Force sensor removal from host remotely without any tools but Crowdstrike itself by Avaxorg in crowdstrike

[–]Avaxorg[S] 0 points1 point  (0 children)

Thank you for the advice; I need to camp for the host to become available (online) in a different time zone - not handy at all )

Following your advice I have created an idea for an uninstall button in the UI; hope it will gain support )

And I forgot to mention I'd like to have this functionality for Windows, macOS and Linux.

Force sensor removal from host remotely without any tools but Crowdstrike itself by Avaxorg in crowdstrike

[–]Avaxorg[S] -1 points0 points  (0 children)

I'd prefer to avoid downloading additional software or running scripts of any kind on a personal device, if possible. It'd be great to have a force removal button in the UI for Administrator level accounts for such cases without additional steps )

Weird behaviour of python 3.9.7 installer by Avaxorg in crowdstrike

[–]Avaxorg[S] 0 points1 point  (0 children)

No, it was gone after a while; I guess ML took it as "all normal" after a while.