Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: Tamper Protection Still Triggering Despite Exclusions

App Control: Tamper Protection Still Triggering Despite Exclusions

Environment

  • App Control Server: All Supported Versions
  • App Control Agent: All Supported Versions
  • Third Party Security/Antivirus Product

Symptoms

  • Agent or Server Exclusions have been added to third party product.
  • Agent or Server still generating Tamper Protection Events.

Cause

There are a few potential causes in this situation:
  • The exclusions in the third party product are incomplete.
  • The endpoint has not yet received the exclusions in the third party product.
  • The third party product is not honoring the exclusions.

Resolution

  1. Verify which third party product is triggering Tamper Protection.
  2. Verify the third party product is not missing an Agent (Linux, macOS, Windows) or Server Exclusion.
  3. Contact the third party vendor to determine why the exclusions are not being honored.

Additional Notes

  • Tamper Protection is designed to protect the Agent or Server from unauthorized modification.
  • Allowing processes to interfere with the operation of the Agent or Server could cause stability or security issues.

Related Content


Labels (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎11-16-2023
Views:
196
Contributors