We have observed some unwanted applications( Any desk, WhatsApp) used by end users in customer environment. Is there any way apart from blocking the hash present in cortex console which will block the execution of such files.
Thanks in advance.
Should be able to do this easily via the Restrictions profile in the Executable Files section if you simply add the file/folder into the Block section and ensure that it's actually enabled since this is disabled by default.
You can add the hash into the global blocklist as well if you use a lot of profiles and only want to enter it in one location, however last I checked that only accepted hash values and you'd need to keep that updated to actually block any new release which would quickly get tiring if you don't automate the hash collection and blocking.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!