https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/block-vulnerable-applications-from-running/m-p/599443#M7269 <P>Hi community,</P> <P>&nbsp;</P> <P>I am attempting with restricting the execution of vulnerable applications.</P> <P>&nbsp;</P> <P>Is it possible to block a specific application version using BIOC associated with restriction profile?<BR />(Or if there's another easy way to do this please let me know)</P> Thu, 03 Oct 2024 16:48:35 GMT Hisashi_Abe 2024-10-03T16:48:35Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/block-vulnerable-applications-from-running/m-p/599443#M7269 <P>Hi community,</P> <P>&nbsp;</P> <P>I am attempting with restricting the execution of vulnerable applications.</P> <P>&nbsp;</P> <P>Is it possible to block a specific application version using BIOC associated with restriction profile?<BR />(Or if there's another easy way to do this please let me know)</P> Thu, 03 Oct 2024 16:48:35 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/block-vulnerable-applications-from-running/m-p/599443#M7269 Hisashi_Abe 2024-10-03T16:48:35Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/block-vulnerable-applications-from-running/m-p/599458#M7270 <P data-unlink="true">Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/193463">@Hisashi_Abe</a>&nbsp;<BR /><BR />Thank you for reaching out to the Live community!</P> <P data-unlink="true"><BR /><SPAN>You can use the restriction profile and call the executable/application there -&nbsp;<A href="https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Add-a-New-Restrictions-Security-Profile" target="_blank">https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Add-a-New-Restrictions-Security-Profile</A><BR /><BR />In case if you are looking to block the specific version of that application then you may need to check the hash of that version which may be unique with each release so that you can add it to the block list -&nbsp;<A href="https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Manage-File-Execution" target="_blank">https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Manage-File-Execution</A><BR /><BR />For more granular restriction you can check for other parameters/variables of that application and make use of BIOC rules by adding them to the restriction profile.<BR /><BR /></SPAN>Please click&nbsp;Accept as Solution&nbsp;to acknowledge&nbsp;If this answer added value to your question.</P> Thu, 03 Oct 2024 17:51:05 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/block-vulnerable-applications-from-running/m-p/599458#M7270 nar 2024-10-03T17:51:05Z