Hi all,
We got a notification that a controlled application (ScreenConnect) was blocked on one of our servers. Is there anyway to identify the location of exe or application which caused this?
I used the Threat Analysis Service and searched for the process name using the contains attribute but nothing showed uo
Hello David,
Thank you for reaching out to the community forum.
Can you let us know if this has been working before or if it is just a fresh setup?
Was there any detection/alert being generated when our endpoint blocked the said application?
Have you contacted your provider for the AV Exclusion list for this application?
