Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
ed.sherratt
Level 1
Level 1
Member since ‎04-02-2002
‎08-23-2020
Recent Badges
Awards

User Statistics

  • 14 Posts
  • 0 Solutions
  • 5 Helpful votes Given
  • 1 Helpful votes Received
Recent Badges
See all
1 Helpful Vote
5 Replies

User Activity

finding out what item in a dictionary is firing?

09-09-2016
Hi, We have an incoming content filter that is used to quarantine suspicious mails, based on Attachment name, sender, and body content dictionaries, as well as a couple of other items. These have grown over time, particularly with the recent macro ma...

Increased malware in DOC macros

04-10-2015
Good Morning, We are currently seeing a massive increase in malware contained in Word Document macros, these are dropping through the ESA until CASE catches up, and there are no AV signatures for these files at the time of drop.I've analysed these fi...

malware in unusual archives

09-03-2014
Good Morning,We've recently seen malware executables, in archive files, dropping through the ESA, even though there is a policy to quarantine all executables. I suspect it's because the archives are an unusual type - ARJ - and may be specifically des...

Is it possble to whitelist some sites for Certificate errors on WSA?

08-29-2014
Hi,We have a requirement to block sites with certificate errors, self-signed/out of date/unrecognised authority etc., which makes sense from a security perspective.The business, however, want to whitelist certain third-party sites that we must access...
Community Statistics
Member Since ‎04-02-2002 02:24 AM
Date Last Visited ‎08-23-2020 11:19 AM
Posts 14
Total Helpful Votes Received 1
Helpful Votes From
See all >
Helpful Votes Given To
See all >