gt420hp

Can someone help with integration with the new Cloud Console for MalwareBytes. I don't see any sections for Syslog....I want to integrate this with our SIEM.

Can someone tell me the settings for LogRhythm with the console? I know the port is 514. Should I choose TCP or UDP? Do I choose CEF or JSON? thanks

I ended up editing my policy to not watch for those issues. I ended up unchecking the two boxes for Browser. This stopped the alerts to the users. Not sure if this is the recommended way, but it works. Go to the Anti-Exploit tab, choose advanced, then uncheck "DEP enforcement" and uncheck "Anti Heapspraying"

Interesting....we have the same issue. And "Yes", we also run BitDefender I still have to get logs up to your group.....

I am pretty sure this is a false positive. Only affecting IE users. We updated console, and all client versions to the latest. Get this error in Internet Explorer.

We just started seeing an issue today with IE browsers. Getting "Exploit attempt to bypass ASLR blocked" and "Exploit memory HeapSpray attempt" Are these false positives? I am seeing a similar issue, but have a concern of "unchecking" the browser. If we uncheck the browser, then basically anti-exploit is not going to review browser connections for exploits?