CPC H04L 63/1416 (2013.01) [G06F 8/61 (2013.01); G06F 8/62 (2013.01); G06F 21/554 (2013.01); G06F 21/568 (2013.01); H04L 63/1441 (2013.01)] | 17 Claims |
1. A method for conducting a computerized surveillance in a computerized environment, comprising:
initiating an installation of an agent on an endpoint device (EPD) in response to an indication of a potential malicious activity executed on the EPD;
activating the agent to collect data on the EPD;
based on the analysis of the collected data, selecting at least one mitigation action to be executed by the agent; and
initiating an uninstallation of the agent from the EPD, wherein initiating the uninstallation of the agent is performed after a predefined time period from the installation of the agent.
|