Secure Endpoint folder permissions?

itguy1024 — Tue, 11 Oct 2022 17:47:52 GMT

Hi,

I have seen some failed quarantine events come through and in the details it said access denied. I don't remember AMP needing a service account or setting one up but maybe I'm mistaken. Does AMP have full access to the file systems?

Re: Secure Endpoint folder permissions?

Troja007 — Wed, 12 Oct 2022 12:35:17 GMT

Hello @itguy1024 ,
yes, Secure Endpoint has full access to the disk, but if the service does not get the right access permission from the Operating System (e.g. running process), this might generate a failed quarantine event. Another option could be, that the file is a temporary file from the browser cache. So when Secure Endpoint wants to remove the file, it is not there any more.
In such a case, we need a closer look how the event looked like.
Greetings,
Thorsten

topic Re: Secure Endpoint folder permissions? in Endpoint Security

Secure Endpoint folder permissions?

Re: Secure Endpoint folder permissions?