Poll

Yes or No?

Yes
Maybe
No

Author Topic: Add filehash-based file exclusions  (Read 611 times)

Offline abe96

  • Newbie
  • *
  • Posts: 13
Add filehash-based file exclusions
« on: December 14, 2017, 06:23:39 AM »
1. What actually happened or you saw:
In CCAV I can only exclude a file by its path. But what if the file has been changed or infected?
Not a common case but it's possible, like shared files getting overwritten by other computer.

2. What you wanted to happen or see:
Wish I could exclude a file from getting sandboxed or scans by its SHA1.

3. Why you think it is desirable:
It's safer and making things easier.
In CIS I can simply trust a file in file list so it won't get blocked again, even after I move it to elsewhere.

4. Any other information, screenshots etc:
Nope.



 !ot!...maybe I shouldn't say this but I feel CCAV is getting more and more like CIS after every update? Not sure it's a good sign or a bad sign.

Offline abe96

  • Newbie
  • *
  • Posts: 13
Re: Add filehash-based file exclusions
« Reply #1 on: December 14, 2017, 06:33:20 AM »
Oh sh*t I completely forget we got trusted application in CCAV.
I feel stupid now.


But it still can be an idea I guess? Since CCAV using file path to exclude by default when responding to alerts.
« Last Edit: December 14, 2017, 07:06:45 AM by abe96 »

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek