ALLOWLIST MANAGEMENT
Allowlist defines all the processes or associated libraries that are allowed to execute. This section provides information about:
-
Managing the allow list at global and profile levels (Section Allowlist)
-
Defining exclusion list at global and profile levels (Section Exclusion List)
-
Defining the allowed publishers list for Windows (Section Publishers List (Windows Application Instances))
-
Defining the allowed packages list for Linux (Section Packages List (Linux Application Instances))
-
The role of Threat intelligence Service (Section Threat Intelligence Service)
-
Addition to the allowlist from detected incidents (Section Allowlist Addition from Detected Incidents)