I have a some false positive malware detections for the extension .hidden. These all exist within subfolders of node_modules folders, the path to these folders can change regularly when new software versions are deployed.
I do not wish to exclude all *.hidden files in case of a real malware detection.
I would like the ability to exclude an extension if it is within any node_modules folder, eg. **\node_modules\**\*.hidden
I have also noted that when viewing the malware detection log suspicious_files_dd-mm-yy.log there are more entries in the logfile than I see in the UI.
Case: #07301191
Thanks
-
jezmbi
- Lurker
- Posts: 2
- Liked: never
- Joined: Oct 24, 2022 8:55 am
- Contact:
-
Mildur
- Product Manager
- Posts: 10642
- Liked: 2867 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
- Contact:
Re: Feature request: Malware exclusion extension using wildcard paths
Hello Jezmbi
Thanks for your request about wildcards in folder paths.
We know about the request and that it is important for our customers. Your vote is counted.
Best,
Fabian
Thanks for your request about wildcards in folder paths.
We know about the request and that it is important for our customers. Your vote is counted.
Best,
Fabian
Product Management Analyst @ Veeam Software
-
poolshark1
- Novice
- Posts: 3
- Liked: never
- Joined: Jun 05, 2023 2:05 pm
- Full Name: Daniel M.
- Contact:
Re: Feature request: Malware exclusion extension using wildcard paths
Hi Fabian,
I am also anxiously awaiting the ability to use wildcards in malware detection "trusted objects" settings. Any update on when we can expect that functionality?
On a related note, I find it curious that wildcards are already supported in the "suspicious files" settings. Why wildcard support for inclusions, but not exclusions?
Thanks
I am also anxiously awaiting the ability to use wildcards in malware detection "trusted objects" settings. Any update on when we can expect that functionality?
On a related note, I find it curious that wildcards are already supported in the "suspicious files" settings. Why wildcard support for inclusions, but not exclusions?
Thanks
-
MoritzG-Seidemann
- Service Provider
- Posts: 14
- Liked: 2 times
- Joined: Nov 14, 2023 3:18 pm
- Full Name: Moritz Gische
- Contact:
Re: Feature request: Malware exclusion extension using wildcard paths
Another vote from me. Would be very useful
-
StoopidMonkey
- Enthusiast
- Posts: 49
- Liked: 4 times
- Joined: Nov 14, 2019 7:12 pm
- Full Name: Chris Lukowski
- Contact:
Re: Feature request: Malware exclusion extension using wildcard paths
I'm bumping this. Without the ability to use wildcards or environment variables this feature is unusable for user profile directories due to the false alarms. For example, I frequently got hits for "bulk file deletion" on paths like:
c:\Users\[username]\AppData\Local\Microsoft\Edge\User Data\
Right now I have no choice but to exclude the entire C:\Users path instead of just the c:\Users\*\AppData\Local\Microsoft\Edge\ folder for all users.
c:\Users\[username]\AppData\Local\Microsoft\Edge\User Data\
Right now I have no choice but to exclude the entire C:\Users path instead of just the c:\Users\*\AppData\Local\Microsoft\Edge\ folder for all users.
-
dspringer
- Enthusiast
- Posts: 62
- Liked: 5 times
- Joined: Feb 01, 2022 10:57 am
- Full Name: David Springer
- Contact:
Re: Feature request: Malware exclusion extension using wildcard paths
Hi there
This topic seems to be most suitable for my request and so I will also bump it.
I am once again annoyed by the fact that I have false positives for potentially dangerous file extensions and it is always a thorn in my side to simply declare the entire server as sighted OK.
But I also don't want to simply make a global exclusion for “*.AREA” files, for example, just because a lab software uses exactly this extension. It would be more appropriate to be able to make the exclusion for this one server in exactly this path.
Therefore: Thumbs up for this topic
This topic seems to be most suitable for my request and so I will also bump it.
I am once again annoyed by the fact that I have false positives for potentially dangerous file extensions and it is always a thorn in my side to simply declare the entire server as sighted OK.
But I also don't want to simply make a global exclusion for “*.AREA” files, for example, just because a lab software uses exactly this extension. It would be more appropriate to be able to make the exclusion for this one server in exactly this path.
Therefore: Thumbs up for this topic
Who is online
Users browsing this forum: No registered users and 40 guests