You need to have the ability to monitor suspicious VBA macros. Which Sensor Visibility setting should be turned on within the Prevention policy settings?
Turn on the Script-Based Execution Monitoring prevention policy setting to enable the 'Falcon sensor to monitor the contents of scripts and shells that are popular mechanisms for executing malicious code on hosts. This setting does not kill or block scripts.'
Scripting languages:
Excel 4.0 macros
JScript
VBA Macros
VBScript
The Sensor Visibility setting that should be turned on within the Prevention policy settings to monitor suspicious VBA macros is Script-based Execution Monitoring. Script-based Execution Monitoring is a feature that enables the Falcon sensor to monitor and prevent malicious script execution on Windows systems. The feature uses machine learning and behavioral analysis to detect suspicious scripts or commands executed by various script interpreters, such as PowerShell, WScript, CScript, or Bash. VBA (Visual Basic for Applications) is a scripting language that can be embedded in Microsoft Office documents, such as Word or Excel. VBA macros can be used to automate tasks or perform actions within the documents, but they can also be abused by attackers to deliver malware or execute malicious code. Script-based Execution Monitoring can help detect and prevent such attacks by monitoring the contents of VBA macros for execution of malicious content.
Tuyet
6 months agoRebecka
5 months agoSage
5 months agoBeckie
5 months agoTawna
6 months agoIzetta
5 months agoEvangelina
5 months agoKimi
5 months agoLeatha
6 months agoSage
6 months agoMichel
6 months agoAlana
5 months agoGianna
5 months agoMargarita
5 months agoEleonore
5 months agoRosendo
5 months agoBerry
6 months agoEladia
6 months agoBethanie
6 months agoFrank
6 months agoNu
6 months agoWilburn
6 months agoShawnna
7 months ago