Do I Understand Profile Exceptions?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Do I Understand Profile Exceptions?

L2 Linker

Hi,

Created a Vulnerability Protection profile.

Noticed that I was seeing a lot of "Microsoft Windows Registry Read Attempt" entries in the threat log. These appear to be benign. So I edited the profile, clicked the exceptions tab and checked the "enabled" checkbox for this vulnerability. I assumed this meant that this vulnerability would now be ignored and not show up in the log. This however is not the case. What am I missing?

Also

In the threat logging window, I click on a threat name and the threat details are displayed. One of the lower columns in the window is "Exempt Profiles". What exactly does this mean?

Any help is greatly appreciated.

M

3 REPLIES 3

L5 Sessionator

Once you have enabled the vulnerability make sure that you allow it instead of the default action.

Thanks sraghunandan,

What about the second part of the question?

To answer your second question, the "Exempt Profiles" is where you can add an exception directly from that dialog.  Click on it and configure that profile with exemptions.  Hope this helps,

-chadd.

  • 4554 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!