Controlled Folder Access for Windows

Huntress Managed AV cannot currently manage Controlled Folder Access. It's something that needs to be set locally on a machine (or via Group Policy).

Controlled folder access - helps you protect valuable data from malicious apps and threats, such as ransomware. Controlled folder access is included with Windows 10, Windows 11, and Windows Server 2019. Controlled folder access is also included as part of the modern, unified solution for Windows Server 2012R2 and 2016.

 How does Controlled folder access work?

Use controlled folder access

Controlled folder access in Windows Security reviews the apps that can make changes to files in protected folders and blocks unauthorized or unsafe apps from accessing or changing files in those folders.

1. Select Start > Settings > Update & Security > Windows Security > Virus & threat protection.
2. Under Virus & threat protection settings, select Manage settings.
3. Under Controlled folder access, select Manage Controlled folder access.

Switch the Controlled folder access setting to On or Off.

Occasionally, an app that is safe to use will be identified as harmful. This happens because Microsoft wants to keep you safe and will sometimes err on the side of caution; however, this might interfere with how you normally use your PC. You can add an app to the list of safe or allowed apps to prevent them from being blocked.

Audit mode allows you to test how the feature would work (and review events) without impacting the normal use of the device.

Please note that Controlled Folder Access will flag the Huntress Agent creating Ransomware Canaries. You'll need to allow the Huntress agent through to get the Canary files.