![]() I did have a situation where there was a big delay between the quarantine of the BE file and when it released it, which I guess was a latency issue between my client and their DB, but when I added the hash to my global safe-list the file is allowed instantly. Files white-listed by Cylance are processed online when your client queries their DB with the files hash, but there's also the global safe-list, which I believe is stored somewhere locally. I'm speculating here, but it seems to handle false-positives in a strange way. Like the battleye anti-cheat I mentioned above, Cylance will still periodically alert on that file, but it spits it back onto my system when it queries their database with the MD5/SHA hash. You add an exclusion with a files MD5 or SHA hash in something they call a global safe list for your clients, but I didn't see any option to white-list a whole folder.Īs I mentioned above, it does manually correct false-positives from files that are white-listed by Cylance. Support fixed it in a few days, and now it seems to be notifying correctly. It was blocking an anti-cheat file for me a couple of days ago, and I couldn't white list the file it was blocking as I had no idea what it was doing. The web console is also where you add exclusions, but like that review above mentioned, there seems to be a bug with the blocking of certain files where it's not listing files that it is blocking. The program is basically pre-configured and you don't have to tinker with it at all. Auto protect against suspicious files and send files to cloud. There's three in the console: Auto protect against abnormal files. The settings you can choose are fairly limited. ![]() But there's no way to launch a full system scan. It seems to scan the running processes when you install, and it should quarantine anything it identifies as malicious at that point. My guess is that the remediation isn't as good as something like webroot, malwarebytes, etc.
0 Comments
Leave a Reply. |