Forensics

Harmony Forensics analyzes attacks detected by other detection features like Anti-Ransomware, Threat Emulation.

On detection of a malicious event or file, Forensics is informed and a Forensics analysis is automatically initiated. After the analysis is completed, the full attack sequence is then presented as a Forensics Report.

Forensics Report

The Forensics Report provides full information on attacks and suspicious behavior with an easy interface.

The Report includes:

  • Entry Point - How did the suspicious file enter your system?

  • Business Impact - Which files were affected and what was done to them?

  • Remediation - Which files were treated and what is their status?

  • Suspicious Activity - What unusual behavior occurred that is a result of the attack?

  • Incident Details - A full visual picture of the paths of the attack in your system.

Use the Forensics Report to prevent future attacks and to make sure that all affected files and processes work correctly.

Opening a Forensics Report

To open a Forensics Report for an incident:

  1. Click the Endpoint Security icon from the menu area and select Display Overview.

    The Endpoint Security Main Page opens.

  2. Click Forensics and Anti-Ransomware.

  3. In the Analyzed cases table, click an Incident ID.

    The Forensics Report opens in your browser.