Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for Show only | Search instead for Did you mean: Announcements10-25-2023 01:46 AM
There is a user who is learning C/C++ and for the course, he has to do several small scripts.
Cortex XDR is blocking all created scripts, marking them as malicious.
These are written in VSCode, but because they are compiled and run as .exe, I can't just whitelist VSCode.
So I wanted to whitelist a folder or workspace, but I'm not finding how. I thought it would be under "EXCEPTIONS CONFIGURATION > Disable Prevention Rules" but my test didn't work.
Thank you for all the help.
Palo Alto Networks Cortex XDR Security Operations Palo Alto Networks Cortex XDR Security Operations 0 Likes Likes 1 accepted solution10-26-2023 02:36 AM
Thank you for reaching out to Palo Alto Live Community.
You can try to define specific files and folders to exclude from examination and allow for execution. In the Policy you want this to apply to, it's under 'Malware Security Profile' > 'Files/Folders in Allow List'.
Here is the link to the documentation that explains the process:
You may have to do this for each component - portable executables, office docs, scans. I've included a few screenshots where you would do this. The screenshots also have examples of the formatting.
Hope this helps!
Please mark the response as "Accept as Solution" if it answers your query.