@@ -289,6 +289,14 @@ def LsarLookupNames(self, dce, policyHandle, service):
289289 {"name" : "exploitProtectionIPC" , "processes" : ["AVKWCtlx64.exe" ]}
290290 ]
291291 },
292+ {
293+ "name" : "Ivanti Security" ,
294+ "services" : [
295+ {"name" : "STAgent$Shavlik Protect" , "description" : "Ivanti Security Controls Agent" },
296+ {"name" : "STDispatch$Shavlik Protect" , "description" : "Ivanti Security Controls Agent Dispatcher" }
297+ ],
298+ "pipes" : []
299+ },
292300 {
293301 "name" : "Kaspersky Security for Windows Server" ,
294302 "services" : [
@@ -335,6 +343,11 @@ def LsarLookupNames(self, dce, policyHandle, service):
335343 ],
336344 "pipes" : []
337345 },
346+ {
347+ "name" : "Rapid7" ,
348+ "services" : [{"name" : "ir_agent" , "description" : "Rapid7 Insight Agent" }],
349+ "pipes" : []
350+ },
338351 {
339352 "name" : "Sophos Intercept X" ,
340353 "services" : [
@@ -384,7 +397,10 @@ def LsarLookupNames(self, dce, policyHandle, service):
384397 {"name" : "Trend Micro Web Service Communicator" , "description" : "Trend Micro Web Service Communicator" },
385398 {"name" : "TMiACAgentSvc" , "description" : "Trend Micro Application Control Service (Agent)" },
386399 {"name" : "CETASvc" , "description" : "Trend Micro Cloud Endpoint Telemetry Service" },
387- {"name" : "iVPAgent" , "description" : "Trend Micro Vulnerability Protection Service (Agent)" }
400+ {"name" : "iVPAgent" , "description" : "Trend Micro Vulnerability Protection Service (Agent)" },
401+ {"name" : "ds_agent" , "description" : "Trend Micro Deep Security Agent" },
402+ {"name" : "ds_monitor" , "description" : "Trend Micro Deep Security Monitor" },
403+ {"name" : "ds_notifier" , "description" : "Trend Micro Deep Security Notifier" }
388404 ],
389405 "pipes" : [
390406 {"name" : "IPC_XBC_XBC_AGENT_PIPE_*" , "processes" : ["EndpointBasecamp.exe" ]},
0 commit comments