AMSI integration

April 16
New
Datto EDR, Kaseya 365 Endpoint

Datto EDR now integrates with Windows Antimalware Scan Interface (AMSI) to expand visibility into script-based activity and improve detection coverage for fileless attacks. This helps you spot suspicious PowerShell and other scripting engine activity that can otherwise blend into normal admin work.

The Windows EDR agent adds AMSI detection components in a dedicated AMSI directory within the agent install path (including amsi.dll, keywords.enc, and damsi.sha). AMSI support is designed to inspect script content and alert on risky patterns, including interactive command activity and malicious keywords before execution.

Learn more about AMSI integration for Datto EDR here

One complete platform for IT & security management

Kaseya 365 is the all-in-one solution for managing, securing, and automating IT. With seamless integrations across critical IT functions, it simplifies operations, strengthens security, and boosts efficiency.

Get a demo Explore Kaseya 365
Kaseya Intelligence story

The intelligence era is here: Kaseya’s vision for autonomous IT

Over the past two decades, the IT industry has seen wave after wave of transformation — from break-fix to managed

Read blog post

What is patch management? A complete guide for MSPs and IT teams

Every IT environment runs on software that needs constant updating. Operating systems, browsers, business apps, the firmware on the network

Read blog post

The patch management process: A step-by-step guide

Most patching programs don’t fail because the team doesn’t know the steps. They fail in the gaps between them: the

Read blog post