The Trellix Application Control Options Advanced Threat Defense (ATD) settings must not be enabled unless an internal ATD is maintained by the organization.
An XCCDF Rule
Description
<VulnDiscussion>This option will automatically send files with a specific file reputation to ATD for further analysis. This option is not selected by default and must only be selected if an ATD is being used.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-213332r944839_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
If an ATD server is not being used in the environment, this is Not Applicable.
From the ePO server console System Tree, select the "Systems" tab.
Select "This Group and All Subgroups".
Select the asset.