Summary
This article describes how to manage threat definitions. Threat definition contains detection logic to search for threats in your environment.
Some threat definitions have parameters to configure such as lists of exclusions, time period or lists of predefined roles, groups, or other entities. Threat definition can be disabled if you accept the risk or threat definition is not relevant for your environment.
Cayosoft constantly works on updating threat definitions. Recent versions of threat definitions can be installed over-the-air without need to upgrade the product version.
How to change parameters in threat definition
- Open Cayosoft Guardian Web Portal.
- Expand Threat Detection node.
- Select Threat Definitions.
- Select a threat definition and press Properties.
- Change parameters.
- Press Save.
How to disable threat definition
- Open Cayosoft Guardian Web Portal.
- Expand Threat Detection node.
- Select Threat Definitions.
- Select a threat definition and press Properties.
- Select Disabled checkbox.
- Press Save.
How to update threat definitions manually
With paid subscription, Cayosoft Guardian updates threat definitions automatically. With free subscription, only manual update is available.
- Open Cayosoft Guardian Web Portal.
- Expand Threat Detection node.
- Select Dashboard.
- In the Live update widget press Check for updates.
Comments
0 comments
Please sign in to leave a comment.