IT Security Specialist at a tech services company with 201-500 employees
Real User
2020-11-23T21:59:30Z
Nov 23, 2020
With some specific versions, we are experiencing some issues where the policy configuration has some problems with the parent and child processes. There have been problems with the relationship between the parent and child process, from time to time. I would like to see better reporting and alerting features in the future.
Manager - SCADA & OT SECURITY at a energy/utilities company with 10,001+ employees
Real User
2020-04-02T07:00:00Z
Apr 2, 2020
It should have more monitoring on the modes. You can observe what other applications are running and you can create the policies for the application controls. You should have the option of creating the policy so that it will be easier for user to configure. The intrusion detection features should also be improved. It is a very good feature but it should be maximized. It should be for intrusion prevention also. When you want to prevent an intrusion, then that application should be quarantined. But in the field I'm working in, I can't do that because it can quarantine my system as well. It should be able to detect any anomaly and malicious communication that is happening between two PCs.
With some specific versions, we are experiencing some issues where the policy configuration has some problems with the parent and child processes. There have been problems with the relationship between the parent and child process, from time to time. I would like to see better reporting and alerting features in the future.
It should have more monitoring on the modes. You can observe what other applications are running and you can create the policies for the application controls. You should have the option of creating the policy so that it will be easier for user to configure. The intrusion detection features should also be improved. It is a very good feature but it should be maximized. It should be for intrusion prevention also. When you want to prevent an intrusion, then that application should be quarantined. But in the field I'm working in, I can't do that because it can quarantine my system as well. It should be able to detect any anomaly and malicious communication that is happening between two PCs.