When a user launches a process on the endpoint,
Traps injects code into the process and activates a protection module
known as an Exploit Protection Module (EPM) into the process. The
endpoint security policy rules determine which EPMs are injected into
each process. During the injection, the process name appears on
the console in red. After the injection completes successfully,
the console logs the security event on the
security event on the
the date and time of the event, name of the affected process, and
EPM that was injected into the process. Typically, the mode indicates
whether or not Traps terminated the process or only notified the
user about the event.
Launch the Traps Console:
From the Windows tray, right-click the Traps icon
, or double-click the
Run CyveraConsole.exe from the Traps installation folder.
Traps Console launches.
View the security events:
to display the security
events on the endpoint.
Use the up and down arrows to scroll through the list