<![CDATA[GETOVERX FORUM Community Support

<![CDATA[GETOVERX FORUM Community Support - EDR]]> https://forum.getoverx.com/ Fri, 17 Apr 2026 10:14:24 +0000 MyBB <![CDATA[Help configuring the Corporate EDR Version]]> https://forum.getoverx.com/showthread.php?tid=140 Wed, 18 Feb 2026 00:58:11 +0000 thomasb4083]]> https://forum.getoverx.com/showthread.php?tid=140

Hello community,
I’m configuring the EDR module and I see it supports rule lists (import/export). I’d like to expand the baseline rules safely without causing false positives or system instability.

Where do you recommend sourcing reliable rule ideas or detection guidance?

For example: CISA advisories, NIST recommendations, MITRE ATT&CK mappings, or other reputable public resources that can be translated into EDR rules.
Any suggestions or rule pack structures you’ve tested in real endpoints would be appreciated.
Thanks!]]>

Hello community,
I’m configuring the EDR module and I see it supports rule lists (import/export). I’d like to expand the baseline rules safely without causing false positives or system instability.

Where do you recommend sourcing reliable rule ideas or detection guidance?

For example: CISA advisories, NIST recommendations, MITRE ATT&CK mappings, or other reputable public resources that can be translated into EDR rules.
Any suggestions or rule pack structures you’ve tested in real endpoints would be appreciated.
Thanks!]]> <![CDATA[Recien instale Get Over X Server V3.0.4.1]]> https://forum.getoverx.com/showthread.php?tid=139 Mon, 16 Feb 2026 18:28:39 +0000 LuisAnderson]]> https://forum.getoverx.com/showthread.php?tid=139
¿Que funciones trae diferentes en comparación a la versión 3.0.2?

Me encanta que sea multilingüe y tiene algo mas que hace que funcione mejor.

Gracias]]>
¿Que funciones trae diferentes en comparación a la versión 3.0.2?

Me encanta que sea multilingüe y tiene algo mas que hace que funcione mejor.

Gracias]]> <![CDATA[What does the EDR module monitor and where can I see its logs?]]> https://forum.getoverx.com/showthread.php?tid=89 Fri, 05 Dec 2025 00:28:23 +0000 VilleTai]]> https://forum.getoverx.com/showthread.php?tid=89 I enabled the EDR module but I’m not sure what exactly it does. Is it just another scanner, or does it give me more detailed information about my system? Angel

]]> I enabled the EDR module but I’m not sure what exactly it does. Is it just another scanner, or does it give me more detailed information about my system? Angel

]]> <![CDATA[EDR Decta archivo raros y los limpia]]> https://forum.getoverx.com/showthread.php?tid=24 Sat, 29 Nov 2025 14:31:08 +0000 thomasb4083]]> https://forum.getoverx.com/showthread.php?tid=24
¿Es esto un falso positivo?

[2025-10-31 06:38:37] [EDR] INFO - [EDR-Detect] watching: C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe CLEANED
[2025-10-31 06:38:37] [EDR] INFO - [EDR-Detect] watching: C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe CLEANED
[2025-10-31 06:38:37] [EDR] INFO - [EDR-Detect] watching: C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_99f6bd58bfe82726\RstMwService.exe CLEANED

[2025-10-31 20:38:13] [EDR] INFO - [EDR-Detect] Scan completed. Total suspicious processes stopped: 3]]>
¿Es esto un falso positivo?

[2025-10-31 06:38:37] [EDR] INFO - [EDR-Detect] watching: C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe CLEANED
[2025-10-31 06:38:37] [EDR] INFO - [EDR-Detect] watching: C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe CLEANED
[2025-10-31 06:38:37] [EDR] INFO - [EDR-Detect] watching: C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_99f6bd58bfe82726\RstMwService.exe CLEANED

[2025-10-31 20:38:13] [EDR] INFO - [EDR-Detect] Scan completed. Total suspicious processes stopped: 3]]> <![CDATA[EDR funciona en segundo plano?]]> https://forum.getoverx.com/showthread.php?tid=17 Fri, 07 Nov 2025 15:24:15 +0000 thomasb4083]]> https://forum.getoverx.com/showthread.php?tid=17 <![CDATA[servicio IDS inicia apagado En la nueva version de 3.0.2.0]]> https://forum.getoverx.com/showthread.php?tid=13 Mon, 22 Sep 2025 00:10:00 +0000 Jose Alberto Vasquez Ortiz]]> https://forum.getoverx.com/showthread.php?tid=13
Quiero comentarles que el servicio de ids inicia apagado en el ids, podrian verificar o indicarme como hacer para que inicie en el sistema para que siempre este monitoreando mi computadora.

Gracias de antemano!]]>
Quiero comentarles que el servicio de ids inicia apagado en el ids, podrian verificar o indicarme como hacer para que inicie en el sistema para que siempre este monitoreando mi computadora.

Gracias de antemano!]]> <![CDATA[Unusual process detected – is this malware?]]> https://forum.getoverx.com/showthread.php?tid=1 Sat, 20 Sep 2025 17:42:51 +0000 mrwebfeeder]]> https://forum.getoverx.com/showthread.php?tid=1
Hello community, EDR Lite flagged a process named msworkerupdate.exe running from AppData\\Roaming. I don’t recognize it. Has anyone else seen this behavior? Could this be a new type of malware or just a false positive?]]>
Hello community, EDR Lite flagged a process named msworkerupdate.exe running from AppData\\Roaming. I don’t recognize it. Has anyone else seen this behavior? Could this be a new type of malware or just a false positive?]]>