EDR and EPP Scoring Events

The EDR and EPP scoring events help you prioritize the events. The Protection Mode and the Detection Mode in the table signify the Primary and Secondary actions you select while configuring the Antimalware Profile in the Configuration tab. The following screenshot is an example of the File Event with Application as a threat:

The following table lists the EPP and its respective EDR scoring events:

EPP Event EDR Event Protection Mode Score Detection Mode Score
Anti-Exploit ProcessEvent  7 8
Anti-Phishing NetworkEvent 4 4
Behavioral ProcessEvent 5 6
File Scan (On Demand and On Access)  FileEvent 6 8
File Scan | ThreatName -Application and Adware FileEvent 4 4
Network Monitor NetworkEvent 6 9
Fileless: AMSI ProcessEvent 5 6
Fileless: Cmdline FileEvent 5 6
Device Control DeviceControl NA NA
Content Control UserControl 4 NA
Traffic Scan NetworkEvent 6 8
Traffic Scan | Threat Name - CloudVirus NetworkEvent 4 4
Anti-Ransomware ProcessEvent 8 9