Jump to content

Lee-Wei

Members
  • Content Count

    12
  • Joined

  • Last visited

Community Reputation

1 Neutral

About Lee-Wei

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. @noogie, Oh silly me, the reason for the difference is that the Excel Add-in is “Aggregating” the detections. When Malwarebytes detect a threat, the console is showing the “traces”. So one threat, such as a PUP, might have multiple traces consisting of files, registries, etc. The Excel Add-in defaults to aggregating them. Go to Configuration and Options and check the following “Do not aggregate Detections” to show all traces without aggregating them.
  2. Hmm, no there should not be a difference the the number of detections, because it is the same code. After importing the data, the "...Generate Reports" further creates some charts for us. Private message me or contact me via my email above and I can take a look.
  3. In the Excel Add in, if you have imported any Endpoints unto the spreadsheet, then the Detection import will automatically filter against that set of endpoints. If you simply perform a Detection import, then no additional filtering will apply. Since the data set is not too big (35 - 99), would you mind just spot check to see which are the missing ones? Failing that, feel free to contact me and I do a quick check with you. My email is leewei at leewei dot com.
  4. From my recollection, there are 2 possibilities: - Firstly, in the Excel Add-in, the detection data is filtered based on the Endpoints selected. For example, if you download a subset of endpoints from a group, then the detections will be filtered based on that set of assets. - Secondly, I am not sure on this one. At one point, the console only shows 30 days of threat data, whereas the Excel Add-in via the API has access to 90 days of threat data. So check your console to see the oldest dates.
  5. I don't know the plans. One way to provide feedback is that when you sign into the Nebula cloud console, the bottom left corner has a "Send Feedback" feature to send your query and feedback.
  6. Correct that suspicious activities are not currently included as part of the summary report. There is not a plan to do that.
  7. If a threat is detected and actioned upon, it will be tagged as Quarantined. If it is only detected but not remediated, than you see the status as Found. Found is possible if you performance a scan but chose not to remediate for reporting only.
  8. @RickyF, the "All Site" option should have been taken out as it has not been implemented. Sorry about that.
  9. @Olivier75I can help you debug this if you contact me directly leewei at leewei.com. This is usually due to some data that I am not expecting causing some parsing errors.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.