Will disabling the behavior monitoring take care of this? Brian
Sent from my iPhone > On Sep 25, 2014, at 9:04 AM, Nash Pherson <[email protected]> wrote: > > Yeah, the article talking about Symantec seems really odd. I think someone > is pointing to one line of a very large security recommendation document. > Without the full context, it seems like a typical FUD article with a sexy > headline. > > Regarding Brian’s original question, the article is saying the SEP Network > Threat Protection feature was not enabled. It looks like the organization > wasn’t using SEP’s Firewall, which means you can’t use SEP’s NTP either. > > For SCEP, see the Network Inspection System as a similar feature. I’ve found > SCEP’s NIS to be very effective while also not giving the cumbersome number > of false positives seen in SEP. > > This article talks about how they extended behavior and network monitoring > with better real-time network inspection for zero-day exploits: > http://blogs.technet.com/b/configmgrteam/archive/2013/06/24/enhancements-to-behavior-monitoring-and-network-inspection-system-in-the-microsoft-anti-malware-platform.aspx > > I hope that helps, > > > > Nash > > > From: [email protected] [mailto:[email protected]] > On Behalf Of Tim Evans > Sent: Thursday, September 25, 2014 8:39 AM > To: [email protected] > Subject: RE: [mssms] OT: Home Depot credit card hack > > According to this: > http://www.dailytech.com/Appalling+Negligence+DecadeOld+Windows+XPe+Holes+Led+to+Home+Depot+Hack/article36517.htm > the solution was simply to upgrade to a more modern OS. > > …Tim > > From: [email protected] [mailto:[email protected]] > On Behalf Of Brian McDonald > Sent: Thursday, September 25, 2014 5:55 AM > To: [email protected] > Subject: Re: [mssms] OT: Home Depot credit card hack > > Anyone have any experience with this? Thanks! Brian > > Sent from my iPhone > > On Sep 24, 2014, at 5:44 PM, Brian McDonald <[email protected]> wrote: > > To all who has seen this. Jus curious, could you summarize the protection or > steps you have taken to prevent such breaches and avoid the Target and Home > Depot examples? The article states Symantec Endpoint was being used. Anyone > know if the similar feature is available in SCEP? - Brian > > http://www.businessweek.com/articles/2014-09-18/home-depot-hacked-wide-open > > > Sent from my iPhone > > > >
