Team: Huntress EDR
Product: Managed Defender Antivirus
Environment: Managed AV (MAV)
Summary: Managed Defender AV exclusions can be set on the account, organization, or host level. These exclusions can be paths, extensions or processes.
Creating Microsoft Defender AV Exclusions
Exclusions can be set on the account, organization, or host level (depending on inheritance settings).
To create exclusions on the account or organization level, click on "Configure" within the Managed Antivirus Status table on the Managed AV page of the Account or organization. After selecting inheritance settings (if available) you will be able to enter the exclusions.
- Path exclusions - type out the path you want to exclude (i.e., C:\ProgramName\Databasefolder)
- Extension exclusions - type the extension name of extensions you'd like to exclude from scanning (ie. .txt, .docx, etc. <-- don't exclude these)
- Process exclusions - type the full path of programs you'd like to exclude (i.e., C:\tester.exe)
The Huntress Managed AV Dashboard supports wildcards.
For more information on Path/Extension exclusions, please see https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.
Please sign in to leave a comment.