Sunwardsquash 1 Posted February 1, 2018 Share Posted February 1, 2018 Hello, What's the best way to easily whitelist things for a whole policy/site when you get an alert in the console? Is there a way to make that fast or do you need to go through the policy and make it manually every time? For example, whitelisting a PUP detection. Link to comment Share on other sites More sharing options...
ESET Moderators foneil 342 Posted February 1, 2018 ESET Moderators Share Posted February 1, 2018 I can't speak to the recommended security precautions needed, but what I typically see suggested is that each PUP should be done manually to make sure it's something you want whitelisted across your whole network. For others (and if you can confirm this is the process you would use), we do have this KB article for whitelisting: Restore a PUA in ESET Remote Administrator using a hash value and exclude it from detection (6.5) I'm not sure about existing content for automatically whitelisting, but as I said above, I'm not sure this is recommended anyway. Link to comment Share on other sites More sharing options...
Sunwardsquash 1 Posted February 1, 2018 Author Share Posted February 1, 2018 OK, thank you--managing through the quarantine makes sense! Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 430 Posted February 1, 2018 ESET Staff Share Posted February 1, 2018 @Sunwardsquash Hello, as of now, you have to do it via the steps covered by Fer in the post above. In the next version of ERA, it will be possible to create exclusion directly form the "Threats" screen or the other way around, fill in the detected threats when doing a policy. Link to comment Share on other sites More sharing options...
Recommended Posts