Hello,
Would it be possible to consider this as a feature request:
As a business we use Sophos and other software, these have a .purge, .wizard and other files as standard which is being picked up by 12.1 malware detection. These files are also a known extension for malware and virus'. Is it possible to exclude a path en mass rather than checking each file location on alert/detection?
Kind regards,
Clair
-
- Novice
- Posts: 4
- Liked: never
- Joined: Jan 25, 2024 11:25 am
- Full Name: Clair Potts-Waller
- Contact:
-
- Product Manager
- Posts: 14690
- Liked: 1696 times
- Joined: Feb 04, 2013 2:07 pm
- Full Name: Dmitry Popov
- Location: Prague
- Contact:
Re: Feature Request 12.1 - Malware exclusions of a path
Hello Clair,
Path exclusion functionality is planned for next versions. Meanwhile you can exclude entire extension from processing (and if you have the latest 12.1.1 update you can do that directly from malware event properties).
We've also agreed to adjust the thresholds for .purge extension and raise alert when several files which such extension has been picked up. .wizard extension is being currently reviewed!
Thank you for your post!
Path exclusion functionality is planned for next versions. Meanwhile you can exclude entire extension from processing (and if you have the latest 12.1.1 update you can do that directly from malware event properties).
We've also agreed to adjust the thresholds for .purge extension and raise alert when several files which such extension has been picked up. .wizard extension is being currently reviewed!
Thank you for your post!
Who is online
Users browsing this forum: Bing [Bot], Google [Bot], pouya, Semrush [Bot] and 72 guests