Solved

Best way to test antivirus.

  • May 4, 2020
  • 5 replies
  • 37 views


Hello!

We are currently deploying Microsoft ATP on our test Macs, but I have no way of knowing that it is working properly. Is there a test file that you all download to see if the antivirus is working?

Best answer by wcheung11

Correct website for the EICAR virus test file should be "https://www.eicar.org/".

5 replies

  • Valued Contributor
  • May 4, 2020

Some of my coworkers ran the EICAR antivirus test file and triggered Defender ATP alerts on their Macs. I'm assuming they got it from (edit) https://www.eicar.org.


  • New Contributor
  • Answer
  • May 4, 2020

Correct website for the EICAR virus test file should be "https://www.eicar.org/".


  • Valued Contributor
  • May 4, 2020

To be even more specific, here's a link to the page to download the test file.


  • Honored Contributor
  • May 5, 2020

So we just went through this "testing" and I have gone through it a few times before. I kinda thought about it differently this time. Am I qualified to test? Who is qualified to test? Is a test file really a test? Are we just checking a box? Some modern vendors don't even bother to check for the EICAR text.

I think the new minimum testing has been changed

https://docs.jamf.com/jamf-protect/evaluation-guide/Testing_Threat_Detections.html

I think that leads to a test machine with a VM to test on a non-secured network, and that test machine might never be allowed on your secured network ever again. I used a machine that we are going to destroy and yes, I am not qualified to test. : ) I just tested for my own personal knowledge, and to see where the products in "our" bake-off were and if they did what they said they would.



dolfhoegaerts
  • Contributor
  • December 22, 2020

Hi,
What I do for testing is the following:
I create a policy in Self Service within files and processes:

curl -o ~/Desktop/eicar.com.txt https://www.eicar.org/download/eicar.com.txt
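
The following is an added example, not part of the post above or of any vendor's tooling: a script that runs the same download and then checks whether the file was actually blocked or removed, so the policy reports a result instead of relying on someone noticing an alert. The function names, the 30-second default timeout and the reading of curl exit code 23 as a blocked write are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and the 30 s default
# timeout are assumptions.

# file_neutralized FILE TIMEOUT_SECONDS
# Returns 0 as soon as FILE is missing, empty or unreadable (blocked, deleted
# or quarantined); returns 1 if it is still intact when the timeout expires.
file_neutralized() {
    target_file=$1
    remaining=$2
    while :; do
        if [ ! -s "$target_file" ] || [ ! -r "$target_file" ]; then
            return 0
        fi
        if [ "$remaining" -le 0 ]; then
            return 1
        fi
        sleep 1
        remaining=$((remaining - 1))
    done
}

# run_eicar_test [FILE] [TIMEOUT_SECONDS]
# Exit status: 0 = scanner reacted, 1 = file survived, 2 = inconclusive.
run_eicar_test() {
    dest=${1:-"$HOME/Desktop/eicar.com.txt"}
    wait_s=${2:-30}
    rc=0
    # Same URL as the curl command in the post above.
    curl -fsS -o "$dest" https://www.eicar.org/download/eicar.com.txt || rc=$?
    # curl exit 23 is a local write error, which is what a blocked write looks
    # like; any other failure (DNS, proxy, TLS) says nothing about the scanner.
    if [ "$rc" -ne 0 ] && [ "$rc" -ne 23 ]; then
        echo "INCONCLUSIVE: download failed (curl exit $rc)" >&2
        return 2
    fi
    if file_neutralized "$dest" "$wait_s"; then
        echo "PASS: test file was blocked or removed"
        return 0
    fi
    echo "FAIL: test file still intact after ${wait_s}s" >&2
    rm -f "$dest"
    return 1
}

# Runs only when invoked as: sh eicar_check.sh run [FILE] [TIMEOUT_SECONDS]
if [ "${1:-}" = "run" ]; then
    shift
    run_eicar_test "$@"
fi
```

A web proxy that strips the download before it reaches the Mac shows up as INCONCLUSIVE rather than PASS, which keeps a network control from being mistaken for endpoint detection.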