HIPS Protected Objects read-only access for files and directories

CIS V12.2.2.8012

While playing around once again with HIPS (Safe mode) I’ve found an interesting file/directory read-only access feature which is applicable to all trusted or untrusted applications.

For a file or a directory for which you want to have read-only access do:

  1. Add a file or a directory to “HIPS → Protected Objects → PROTECTED FILES”.
  2. Add the same file or directory to “HIPS → HIPS Rules → All Applications → ACCESS RIGHTS → Access Name → Protected files/folders → Exclusions → Modify → BLOCKED FILES/FOLDERS”


I had never thought that it would be that easy to have a long desired read-only access feature to protect my own files or directories against modification by trusted or untrusted applications. :slight_smile: