eitanc 2 Posted August 3 Posted August 3 Hi, I received an alert like the following: " Module HTTP filter - Threat Alert triggered on computer PCNAME: https://beacon.riskified.com/?shop=wolt.com contains JS/Fingerprint.B potentially unsafe application. " I wish to have this potentially unsafe application stay enabled in general, but excluded for the relevant full URL, domain or sub-domain - but I didn't find a way to do it. Is there a way to do it?
itman 1,809 Posted August 3 Posted August 3 Refer to this recent posting on the issue: https://forum.eset.com/topic/41524-jsriskwarefingerprintb-riskified/ . Appears there still isn't a way to exclude the detection.
Administrators Marcos 5,468 Posted August 4 Administrators Posted August 4 11 hours ago, itman said: Refer to this recent posting on the issue: https://forum.eset.com/topic/41524-jsriskwarefingerprintb-riskified/ . Appears there still isn't a way to exclude the detection. The detection can be excluded for a specific url via detection exclusions in the advanced setup. However, in ESET PROTECT it not possible to edit the path when creating a detection exclusion so it would not work for urls that change.
eitanc 2 Posted August 8 Author Posted August 8 On 8/4/2024 at 11:19 AM, Marcos said: The detection can be excluded for a specific url via detection exclusions in the advanced setup. However, in ESET PROTECT it not possible to edit the path when creating a detection exclusion so it would not work for urls that change. Hi @Marcos, the advanced setup of the latest NOD32 > Detect Engine > Detection Exclusions > Add - allows a "path" value of only local drive path (e.g. c:\folder\file), not URLs, per its help page, https://help.eset.com/eav/17/en-US/idh_detection_exclusion.html
Administrators Marcos 5,468 Posted August 8 Administrators Posted August 8 I didn't find any mention of that url could not be used in the path in the help. It should work.
Solution itman 1,809 Posted August 8 Solution Posted August 8 30 minutes ago, Marcos said: I didn't find any mention of that url could not be used in the path in the help. It should work. I just tried to do so. Eset allow entry of URL w/o issue;
eitanc 2 Posted August 8 Author Posted August 8 11 minutes ago, itman said: I just tried to do so. Eset allow entry of URL w/o issue; Thank you @itman, cool! I tested it now, even by using a path of https://beacon.riskified.com/* and it works as expected. But, as I noted, if you click the question mark in this windows, you get to a help page, URL added above, about this window, that doesn't mention anything about the ability to use URL and wildcards in the path field, and it is a shame - you have the ability in the product but you don't guide customers to use it, so customers cannot get more precise protection and you do not get good reviews from customers. Better enhance this help page.
Administrators Marcos 5,468 Posted August 9 Administrators Posted August 9 11 hours ago, eitanc said: Better enhance this help page. Appreciate the feedback. Noted and reported to the documentation team. P_DOC-14762
Recommended Posts