Are there any plans to add Endpoint Security support for intercepting or observing listen() calls, so SIEM and EDR products can reliably monitor when processes begin accepting inbound network connections?
We can’t discuss our future plans.
Please file a feedback request so our engineering teams can hear more about your needs.
To file an enhancement request (ER), use Feedback Assistant.
Thank you for the suggestion. We have already submitted feedback through Feedback Assistant (FB13452950). We are posting here to seek additional guidance on any supported solutions, recommended approaches, or future platform direction for enterprise security products that need to monitor when third-party applications create listening network sockets.
