Feb 15 2022 05:32 AM
hay
is there an option to create a detection rule that alert on specific software that installed on devices ?
I want to get only new alerts , i don't want summary of all devices with this software.
thank you.
Jul 14 2023 09:03 AM
I would love to see an answer here. I have been working on this also and short of using ARC to forward install events from the endpoints (which we can't do now) I haven't found a good way to do this.
Jul 17 2023 05:44 AM
