Hi @RNance,
Creating an exception would prevent the rule from executing, allowing the PowerShell script to run. The alert, on the other hand, may well be generated in a generic format, which can be suppressed via exclusion. However, permitting the script to run is a use-case for the exploit rule exception. Furthermore, exploit protection exceptions do not support target scripts as a parameter at this moment in time. That would be a feature request at this point, which your account team should be able to report on.
Visit our Cortex XDR Customer Corner on Live Community to access resources for your product journey, engage in discussions with community members and subject matter experts, and register for upcoming events!
*Cortex XDR Customer Corner: https://live.paloaltonetworks.com/t5/cortex-xdr-customer-corner/ct-p/Cortex_XDR_Customer_Corner
Join our Cortex XDR Office Hours to receive live guidance and training from our Customer Success Architects.
*Cortex XDR Office Hours [NAM]: https://paloaltonetworks.zoom.us/webinar/register/3316669859020/WN_yMpAB-aBTt6xk2h-gsra4w
*Cortex XDR Office Hours [EMEA/APAC]: https://paloaltonetworks.zoom.us/webinar/register/4116709604301/WN_CZuFE5CHQbG9LUEqugsIOw
