We have enabled Script process protection feature in our environment, however we dont see any filter for this feature under "Events" tab. How can we filter or find the script process protection alerts on AMP console for our machines.
We see only "System process protection" and not "Script process protection". Incase if its a subset of "System process protection" feature how do we see a particular alert for "Script process protection". Please guide me here.
als @Matthew Franks already explained, today Script Protection is focusing on Scanning Files provided by Microsoft AMSI. Therefore it is shown as a File Detection Event. This is the actual Product Design of the Engine.