Resilient cybersecurity for your devices, data, and security controls. | Absolute
This is a new software that a client just got at a high lvl it’s a way to have full control over laptops at BIOS lvl. You can track the device even if the drive is pulled and new os is loaded it will check back in per the BIOS linking that Absolute worked with Dell, Lenovo and other manufacturers vendors.
This Software will deploy with the deployment I setup, but it can’t be detected. Looking for a way to run the detection tool as the verify and confirm per the commands that return it will mean compliant or not…
can’t add a PDF here, but here are some screenshots
@Timothy_Wachenfeld have you tried a custom detection script against that “AbtPS.exe”?
Check our VLC or Zoom deployments for examples of custom detection scripts which check for the existence of an EXE and return the version.
I have two deployments; I could look to just merge them into the same zip file if that maybe easier… But right now, was thinking to have the Persistence tool to be a prereq but if I do the Custom detection script what would be the path of where the AbtPS.exe is located? question applies for both if merging the zip files to together.
I would need run the path to the exe and run the switches and then based off of results come back as compliant or not.
To trigger a call:
[Download] (Downloading utilities) the Persistence Status Monitor to the device.
Extract the contents of the AbtPS_.zip file to a location of your choice, such as C:.
Open a Command Prompt window and navigate to the location where you extracted the zip file. For example, enter:
Trigger the Absolute agent to call the Absolute Monitoring Center by entering the following command at the prompt:
Agent call started is returned.
To check if the call is still in progress, enter the following command at the prompt:
One of the following values is returned: Agent is calling or Agent is not calling.
For new agent installations, you can check if the triggered call was successful and the Absolute agent is now activated. Enter the following command at the prompt:
The Device ESN shows. If the identifier’s last four digits are greater than “0000”, the device has been assigned a unique Absolute Identifier and the agent is activated. If it ends with “0000”, the call was not successful. Repeat steps 4 to 6.
“AbtPS -StartCall” is the one that triggers the call
so I would need the complaint to look for the ESN specific identifier, and would need to confirm where I can extra the files to. Should I merge AbtPS zip into the other zip and that way it all gets extracted…
looking if I can look at processes that might make it easier
Check if the Absolute agent is installed on a Windows or Mac device?