logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

CBC: Where is the documentation on when to use Policy permissions vs Core Preventions vs the new Event Reporting / Process exclusions?

CBC: Where is the documentation on when to use Policy permissions vs Core Preventions vs the new Event Reporting / Process exclusions?

Environment

  • Carbon Black Cloud Console: All versions as of February, 2024
  • Carbon Black Cloud Standard Endpoint (ES): All versions
  • Carbon Black Cloud Enterprise EDR (EEDR): All versions
  • Carbon Black Cloud Windows Sensor: Varies by feature. Use the 4.0.x or greater Windows Sensor for all features to be available.
  • Microsoft Windows: All supported versions.

Question

Where does one find documentation on when and how to use Policy permissions, Core Preventions and the new Event Reporting / Process Exclusions features?

Answer


Additional Notes

Carbon Black Cloud has continued to create methods to exclude items for different reasons. We have a number of options depending on the product you own and the goal for the exclusion. Below is a list of some of the common items we see.

Policy permissions:

Core Preventions

Event Reporting / Process Exclusions

Other


Related Content

Carbon Black Cloud: How to Set up Exclusions in the Carbon Black Cloud Console for AV Products
Endpoint Standard: How to Create Policy Blocking & Isolation and Permissions Exclusions
Carbon Black Cloud: Events Still Being Sent When Process is in Full Bypass Rule
Carbon Black Cloud: Recommended Third-Party Anti-virus Exclusions
Carbon Black Cloud: How to specify wildcards in Core Prevention exclusions.
Endpoint Standard: How to Configure Exclusions for Core Prevention Rules
CB Defense: Is A Folder Path Exclusion Possible For The Auto-Delete Feature?
Endpoint Standard: Adding approved reputation using IT Tools isnt working properly
Carbon Black Cloud: How to Utilize IT Tools Allow list Feature
Carbon Black Cloud: What are the differences between API Bypass and Full Bypass
Carbon Black Cloud: How to Add a SHA256 Hash to Approved/Banned List
Enterprise EDR: Is it possible to add scanning exclusions for other security products in an Enterpri...
Carbon Black Cloud Windows Sensor: How to add Citrix exclusions in Windows registry for CBC Sensor
NGAV Cb Defense Mac Policy Guidelines

Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎03-11-2024
Views:
169
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.