Jump to content
Malwarebytes Endpoint Security reached End of Life on August 4th 2021. Click for more details.

Anti-Exploit exclusion

Drea
 Share

Recommended Posts

Drea

Drea

Posted
Posted (edited)

@pbust

I just want to make sure I understand this right,

" The Anti-Exploit exclusions are only for detections of exploit techniques in Layer3 (Application Behavior Protection). If the block happens in any of the other 3 layers which deal with memory based exploit mitigations, there is no file or folder to exclude as the block happens earlier in the chain. "

So, you're saying that it is not necessary to add exclusions because an error or virus, etc, has not been detected?  

Edited by celee
Link to post
Share on other sites
  • Staff
pbust

pbust

Posted
  • Staff
Posted

Welcome to the forum Drea.

MBAE includes 4 layers of protection, from Layer0 to Layer3. Some detections happen in Layers0 or Layer1 which is very early in the attack chain, way before the malware payload is even delivered from the attacker to the machine. Some detections are Layer3, where we block the malware payload from executing on the machine. Only when there is a malware payload blocked by Layer3 can we add exclusions for these types of payloads.

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.