06-10-2024 05:16 AM
Hello
Is it possible to specify multiple values while creating prevention rules exception for one "application" ? If so what is the schematics of adding those ?
Especially in path section. As if application has multiple location paths for its different modules such as C:\program files (x86)\ or %program data% or C:\program files\ etc where wild card can not be used.
Or in this case multiple rules have to be created based on those paths.
Thank you.
06-10-2024 11:58 AM
Hi,
Thanks for reaching out.
Have you tried adding the file hash of the trusted app to the allow list instead instead?
Test it out https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Prevent-Administrator-Guide/Manage-...
If this post answers your question, please mark it as the solution.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
