Incident Panel

[Batman]

Dear support,

I did run a file and Emsisoft was suspicious and, so it checked this with Anti Malware Network, finally Emsisoft did safe the file.
I did check the file in Incident Panel and it seems there is no information about this action (Safe by Anti-Malware Network), Why?

[stapp]

If EAM decided the file was safe after checking it, there would be no reason to put it in the logs (Incident Panel)

[Batman]

19 hours ago, stapp said:

If EAM decided the file was safe after checking it, there would be no reason to put it in the logs (Incident Panel)

The Incident Panel records all suspicious events. Even events that have been categorized as safe or dangerous by Anti-Malware Networks. but it doesn't show "performed action" by Emsisoft!

[Batman]

Can someone answer my question?

[ShadowPuterDude]

The incident panel is not going to show actions taken by EAM.  It is an investigative tool for Admins and workspace managers.

[Batman]

Thanks for your attention.

Wouldn't it be useful for the network administrator to be aware of Emsisoft detection and response (AMN) as well?

[ShadowPuterDude]

That info is in the log for the Endpoint.

[Batman]

Yes, there is in the endpoint report, but isn't it better to add the report in the incident panel? (Also, with more detailed)

In the incident panel, you want to provide helpful information to the network administrator for investigate. For example, you added a report from the VirusTotal, and Google.com or information about the processing source. I think Emsisoft file analysis (AMN) is one of the most primary investigation tools for admins, and you do not have it in your incident panel. I hope this section will be added in the future.👌

[ShadowPuterDude]

Thank you for your feedback. We may consider it for future development.