Cybersec/SecOps
Hi. I just would like a clarification for this issue i have. Falcon alert is detecting malware coming from an end-user. cynetEPS.exe as the triggering indicator associated with IoC (hash file). I'd like to know if this is a false positive. Falcon blocked it and i havent checked yet if cynet was installed or already installed or a client tool. It might be a masquerade or what. I'd like to know what you guys think about this. Thanks
