Knowledge Base

Yes

Environment

Carbon Black Cloud Console: All Versions
Endpoint Standard Sensor: All Versions
Microsoft Windows Defender

Question

What are the Permissions needed to not scan Windows Defender?

Answer

The following should be added to the Permissions section of the Policies page:

Application at path: *:\ProgramData\Microsoft\Windows Defender\** 
**\Program Files*\Windows Defender*\**
Operation attempt: Performs any operation
Action: Bypass

Additional Notes

For assistance in creating these permission rules, please see: https://community.carbonblack.com/t5/Knowledge-Base/Endpoint-Standard-How-to-Create-Policy-Blocking-...

Knowledge Base

Endpoint Standard: What Permission Rules are needed for Windows Defender?

Endpoint Standard: What Permission Rules are needed for Windows Defender?

Environment

Question

Answer

Additional Notes

Related Content

Carbon Black Cloud

Endpoint Standard

Knowledge Base

Endpoint Standard: What Permission Rules are needed for Windows Defender?

Endpoint Standard: What Permission Rules are needed for Windows Defender?

Environment

Question

Answer

Additional Notes

Related Content

Carbon Black Cloud

Endpoint Standard

Thank you for your feedback.

Thank you for your feedback.