Fix policy exclusions
Ensure that exclusions in your endpoint or server Threat Protection policies aren't a security risk.
We recommend that you make as few exclusions as you can and apply them to as few resources and devices as you can.
This page shows how to fix an endpoint policy, but the steps are the same for endpoint and server policies.
If Account Health Check warns that exclusions are causing a significant security risk, do as follows:
In the warning, click the arrow beside each exclusion to see why it's risky.
You might see warnings for multiple exclusions in a policy, or for multiple policies.
Click the policy name.
The Exclusions section of the policy opens. Select each exclusion that's causing a risk and click the cross on the right to delete it.
Click Save at the top of the policy page.
Go to Account Health Check. The policy exclusions check now shows that your exclusions are secure.