Hello everyone,
Veeam Inline Entrophy analysis feature checks if any encryption has started on VMs. Does this feature additionally perform text analysis with onion links and AI/ML? In other words, is it enough to scan the backup it received to perform these analyses or should the guest index file be open in the relevant backup job and the credentials of the machine should be entered?
Yes it should but I would check out Shane's posts be did on the topic with a deeper dive -
No...inline entropy doesn’t really scan how you’re thinking. Inline scans at the “block” level, per the Guide, but rather detects “text artifacts” at that level. See link:
https://helpcenter.veeam.com/docs/backup/vsphere/malware_detection_data_blocks.html?ver=120
To get more into the file area, yes, you would need to enable File System Analysis...which yes...does require Guest Indexing to be enabled on the Jobs:
https://helpcenter.veeam.com/docs/backup/vsphere/malware_detection_guest_index.html?ver=120
https://helpcenter.veeam.com/docs/backup/vsphere/malware_detection_guest_index_hiw.html?ver=120
Hope that helps.
also, just FYI, per the guide:
Thank you for your support. I will try to integrate these logs with the XDR product. I think I can get better results.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
