Posted on September 14, 2023
Core Prevention Exclusions marks a major milestone in our ongoing mission to give you greater control over your security policies. It’s designed to address a common challenge faced by security professionals - false positives. In the past, if a legitimate process triggered a Core Prevention rule, your only recourse was to disable the entire category, potentially leaving your systems vulnerable. However, with Core Prevention Exclusions, those days are behind us.
One of the most exciting aspects of Core Prevention Exclusions is the ability to create granular, process-based exclusions within each category. This means you can now allow essential business processes to run, even in the event of a false positive block. By doing so, you maintain the integrity of your security while ensuring that your critical workflows remain uninterrupted.
For the first time, our customers have the power to create process exclusions based on a variety of attributes related to either the primary or parent process. This level of customization enables you to: