Deployment - Visibility

Time
35 minutes
Difficulty
Beginner
CEU/CPE
1
Video Transcription
00:00
>> [MUSIC]
00:00
In this module,
00:00
we will learn how to get insights into our topology.
00:00
One of the great features of
00:00
Harmony Endpoint is the visibility it provides.
00:00
You can see the status of
00:00
your entire organization at a glance.
00:00
We can see from this page
00:00
how many devices are deployed with Endpoint
00:00
whether they are up to date and
00:00
whether there are any alerts we should be aware of.
00:00
This is something we discussed
00:00
in the previous video where
00:00
you will always be prompted to
00:00
change the uninstall password.
00:00
You can see that alert right here.
00:00
From operational overview, I'm going
00:00
to move to security overview.
00:00
We can see active and past attacks.
00:00
How many files were scanned?
00:00
How many active dormant attacks?
00:00
Cleaned blocked attacks.
00:00
>> How many infected hosts are there?
00:00
>> A very beautiful timeline.
00:00
Moving to the computer management,
00:00
here we can see the status of the agent,
00:00
which version is deployed,
00:00
which capabilities are enabled,
00:00
the deployment status and much more.
00:00
From the logs page,
00:00
I have beautiful information
00:00
about everything that happened.
00:00
We can filter for a capability and
00:00
get more information about what happened there.
00:00
For example, I'm going to go ahead
00:00
and click on "Forensics."
00:00
All the logs that we'll see now are
00:00
part of the forensics capability.
00:00
If we go back to the Endpoint settings,
00:00
I can go to Export Events, select,
00:00
"Add", and add
00:00
the relevant information for
00:00
exporting the Check Point logs over syslog.
00:00
Another cool feature is threat hunting.
00:00
Threat hunting is an investigative tool which collects
00:00
information about attacks on
00:00
the organization's endpoints.
00:00
Threat hunting collects information on
00:00
all malicious and benign events at
00:00
the organization's endpoints
00:00
with SandBlast Agent installed.
00:00
Note that by default
00:00
the display is filtered for the last day.
00:00
If you've had a quiet day,
00:00
you'll notice that the numbers have dropped.
00:00
Thank you for watching,
00:00
and I'll see you in the next video.
00:00
[MUSIC]