Introducing Enhancements to our Core Prevention Exclusions: Fine-Tuning Your Security Posture

September 11, 2023

In the rapidly evolving landscape of cybersecurity, maintaining a robust defense against threats is paramount. Endpoint security stands at the forefront of this battle, and effective policy management plays a pivotal role in ensuring optimal protection without disrupting critical business processes. The latest development in this realm comes in the form of Core Prevention Exclusions – a game-changing feature that empowers organizations to fine-tune their security policies and strike the delicate balance between protection and operational continuity.

We are thrilled to unveil enhancements to our Core Prevention rules. With this latest release, we're taking a giant leap towards providing you with unprecedented flexibility in managing and tuning your Core Prevention rules.

Our Core Prevention rules have been designed to safeguard your systems, but we understand that false positives can sometimes lead to disruptions in critical workflows. That's where Core Prevention Exclusions come in to play.

Gone are the days when your only solution to a false positive was to disable an entire Core Prevention category, a step that's not only inconvenient but also potentially risky. With Core Prevention Exclusions, you're empowered to craft finely tailored exclusions within each category, enabling essential business processes to continue even in the face of potential false positives.

For the very first time, you can create process exclusions based on a diverse range of attributes linked to either the primary or parent process. This includes process path, command line, hash, and certificate. Imagine being able to precisely target processes with a higher level of specificity than ever before. Whether it's scripting activities that rely on command lines or any other intricate workflows, you can now create exclusions that cater to your unique use cases.

This game-changing feature is all about maintaining the balance between security and efficiency. You can now keep your Core Prevention categories enabled, securing your systems, while simultaneously ensuring that your vital operations remain uninterrupted. It's a win-win scenario that puts you in control like never before.

We're excited to roll out these enhancements to our Core Prevention Exclusions and watch as it transforms the way you manage and fine-tune your security measures.

  • Review the Release notes here.
  • Review the overview video here.
  • Review the User Guide here.

Filter Tags

Blog Document