We have 500+ servers in Endpoint security. Every day we get multiple alerts from the two use cases below. We see file names with MEMORY_DLL……………, most of them are fileless, and the communication and file hashes are clean. Is there any way we can eliminate the false positives to better the incident response?
1. Floating Module In OS Process
2. Floating Module In Browser Process