TDR Host Sensor Details

This topic provides details on how each Host Sensor functions. Each Host Sensor collects forensic data from the host and sends it to the Threat Detection and Response cloud for analysis. Forensic data includes information related to files, processes, network connections, and registry keys on the host.

You can configure Host Sensors to simply report security threats or to take action to fix certain types of security threats based on the Host Sensor settings.

On the Host Sensor settings page, users with an Administrator or Analyst role can configure the default Host Sensor settings for all Host Sensors in a TDR account.

One Host Sensor setting that is not on the Host Sensor Settings page is the Age Off For Quarantined Files setting. Analysts can configure this setting in the Host Sensors configuration page. For more information, see Configure the Age Off For Quarantined Files.

For deployment best practices, see TDR Deployment Best Practices.

Host Sensor Settings

Host Sensor Tamper Prevention Settings

Host Sensor Driver Configuration Settings

The Kernel space is the area of virtual memory that runs the operating system and is separate from the area of virtual memory that runs processes used by user programs.

Host Sensor Icon Settings

See Also

Manage TDR Hosts and Host Sensors

About TDR Host Ransomware Prevention

Manage TDR Groups