exclude specific threat by policy

[sdnian 6]

In EEA/EES/EFSW, I can exclude file and specific threat name.. for example:

 

But in ERA 6 policy, how to set the 'Threat' field ?

[TomasP 316]

Hello sdnian,

 

Currently it is not possible to set an exclusion for a specific threat from ERA.

How do you imagine this would work? On the client, it can't be entered manually, it is only populated when you restore a file from the quarantine and choose to exclude it as well.

Without having the specific file in a local quarantine, you wouldn't be able to fill in the entry other than typing the full threat name, which is prone to typos and sensitive to the format in which it is entered and recognized.

 

Regards,

T.

[sdnian 6]

Hello,

 

Thanks for your reply. Could ESET consider to let the 'Threat' filed editable in ERA 6 policy? If so, that would be great. Sometimes, we want to enable detection of potentially unwanted/unsafe applications, but a few applications that we need to run also be detected. I known it's not FPs. So if we can just exclude specific threat, should help us to easy management ESET antivirus software. The threat string is not so hard to get, we could exclude it form any client first. Then copy it to right place.

[Marcos 5,074]

Yes, I created an improvement task for this several weeks ago as it's definitely a must-have feature.