What Kinds of Events Are You Looking For?

The end point security framework allows a tool like Jamf Protect to detect and act on local events. There are two main types of events that most detections are built around. The big ones are file events, things like a file getting created, deleted or moved. And I would say probably 95% of our detections are focused on those.