Intrusion detection is a feature that detects and reports on any attempted file writes or modification to a folder. When intrusion detection is triggered, a number of events will occur
- An email is sent to the addresses specified (required)
- A full-screen alert is displayed (optional)
- The process that triggered the detection is terminated (optional)
When enabled with folder protection
When enabled with folder protection, Anvil monitors for file system modifications (i.e. any file writes) using a "denied silent" rule, meaning... any unauthorised process writing to the folder will not be made aware that its file writes or modifications are being silently blocked.
Canary files vs Intrusion detection
Comments
0 comments
Article is closed for comments.