Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

CB Protection: How to track script files

CB Protection: How to track script files

Environment

  • CB Protection Console: All Supported Versions

Objective

How to track script files normally considered "uninteresting". 

Resolution

  1. Within the console navigate to Rules > Software Rules and select the Scripts tab
  2. Create a new rule
  3. The path or file should be the extension of the file. For example
    *.ps1
  4. The process should be the process which will be executing the script. For example: 
    *\powershell.exe

Additional Notes

Additional information regarding custom rules can be found in App Control: Custom Rules Best Practices or in the CB Protection User Guide located here

Labels (1)
Tags (2)
Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
Creation Date:
‎04-22-2019
Views:
636
Contributors