Version
Current (Mac)
Issue
Degraded Performance with Cb Defense and Cb Response Sensors installed concurrently on OSX
Cause
The Cb Defense(confer) Policy that the OSX machine is in requires a to tell Cb Defense to ignore the Cb Response binaries
Solution
Login to the Cb Defense WebUI and follow the below instructions to create the required bypass rule.
- Go to Setting -> Policy
- Select the Policy that your OSX machine is in
- Select New Rule next to the Permissions heading
- In the Add Permissions Rule to "X" Policy select "When an application at path and enter the path "/var/lib/cb/**"
- for Operation select Tries to perform any operations
- For action select Bypass and click add
Screenshot of the run creation:
Thank you for your feedback.
Your feedback has been submitted and will be reviewed.