I need a solution
Hi Team
With SEP 14 RU 1 a group of computers is showing the following event: "Detected Attack: Data Execution Protection - Execution of Non-Executable Memory, SEP will terminate ... and the applications are iexplorer or java.
Based on the description provided by Symantec at Security Response Attack Signatures I have the following doubts in terms of event response.
1. The event is reoccurring frequently but the logs just shows the application name so how the IT Security Team could identify the root cause and try to avoid future events like that?
2. How could be identified a false positive?
Best Regards
0