Environment
- App Control Agent: All Supported Versions
- App Control Console: All Supported Versions
- Windows: All Supported Versions
Question
What processes paths should be used in a Kernel Exclusion for Windows Defender?
Answer
Due to a variety of environmental differences, a specific set of logs will be required to validate the paths/operations necessary:
- Verify Windows Defender has all Agent Exclusions entered.
- Collect the Agent Performance Logs.
- Create a ticket with Carbon Black Support.
- Upload the collected logs to the Vault for review.
Additional Notes
- There must be exclusions in Windows Defender before the Kernel Exclusions are added to prevent Agent instability/corruption.
- There are multiple versions of Windows Defender and Kernel Exclusions should only be added for paths that currently exist/are in use in the environment.