Before You Begin
Ensure that the Avert Library Item has behavioral detections enabled and has been successfully applied to the device by confirming that a green dot is visible next to the Avert Library Item located within the Status tab of a Device Record.
Testing Behavioral Detections
Open Terminal.
Run the following command to trigger a behavioral event.
Results in Detect Mode
When the Behavior Posture Mode in the Avert Library Item is set to Detect mode:
EDR will identify the test as malicious behavioral activity. This will be reported with a status of Detected in both the Threats module (accessible via the left-hand navigation bar) and the Threats tab within a Device Record.
Results in Protect Mode
When the Behavior Posture Mode in the Avert Library Item is set to Protect mode:
EDR will recognize the test as malicious activity and block it. This will be reflected with a status of Blocked in both the Threats module (accessible via the left-hand navigation bar) and the Threats tab within a Device Record.
