The monitoring agent will monitor and alert on attempts to attack critical files, applications, processes, and registry settings associated with the Bromium vSentry application itself, as well as attempts at executing unauthorized code in memory. All alerts will be sent to the BEC management server (along with any designated syslog destinations). Upon receipt of the alert, the system administrator must investigate and take appropriate action.
HBSS must be tuned to allow exceptions for the Bromium protection agent. Exceptions are detailed in the Bromium Secure Platform Deployment Guide at https://documentation.bromium.com/4_0/Deployment%20Guide/Bromium_Secure_Platform_Deployment_Guide_4_0_Update_3.pdf. Alert on attempts to attack critical files, applications, processes, registry settings, and attempts at executing unauthorized code in memory. |