Analyzing contexts to understand attacks
Contexts in SES Evolution make it possible to thoroughly analyze the environment in which attacks occur on agents, and determine what these attacks consist of, where they come from and how they strike. To get this feature, your security policy must contain the built-in rule set Stormshield - Audits of attack contexts. For more information, refer to the section Understanding built-in rule sets.
If the Execution flow hijacking protection mode blocks a malware program, analyzing the context will reveal which file caused the malware to launch, and where the file came from.