Exploit Mitigation Exclusions

You can exclude applications from protection against security exploits.

Warning Think carefully before you add exclusions because it reduces your protection.

For example, you might want to exclude an application that is incorrectly detected as a threat until the problem has been resolved.

These applications are excluded from exploit protection for all your users and their devices.

If you want to exclude applications from exploit protection for some users or devices, you can do this using an Endpoint Threat Protection policy. See Threat Protection Policy.

If you want to exclude applications from exploit protection for some servers, you can do this using a Server Threat Protection policy. See Server Threat Protection Policy.

As adding exclusions reduces your protection, we recommend that you use policies to target users and devices where the exclusion is necessary rather than using this global option.

To exclude an application:

  1. Go to Overview > Global Settings > Global Exclusions.
  2. Click Add Exclusion (upper right of the exclusions list).
  3. In Exclusion Type, select Exploit Mitigation (Windows).

    You see a list of Protected Applications found on your network.

  4. Select an application you want to exclude.

    If you don’t see the application you want, click Application not listed? You can then exclude an application by its file path. Optionally, use any of the variables.

  5. Under Mitigations, you can:
    • Turn off Protect Application. The application won’t be checked for any exploits.

    • Keep Protect Application turned on and select the exploit types that you do or don’t want to check for.

  6. Click Add or Add Another. The exclusion is added to the list on the Global Exclusions page.

To edit an exclusion later, click its name in the exclusions list, enter new settings, and click Update.