Support

Support for business applications

Kaspersky Endpoint Security Cloud

Kaspersky Endpoint Security Cloud Management Console

Adaptive Anomaly Control

Changing exclusions to Adaptive Anomaly Control rules

Kaspersky Endpoint Security Cloud
Knowledge Base Online Help
Advice & Solutions FAQ Download latest version Try Buy Renew Forum Contact support Recovery tools

Changing exclusions to Adaptive Anomaly Control rules

December 19, 2024

ID 231584

You can add, modify, and delete exclusions to Adaptive Anomaly Control rules.

Adding exclusions

You can add exclusions in either of the following ways:

To add an exclusion to an Adaptive Anomaly Control rule:

  1. Proceed to the Adaptive Anomaly Control settings page.
  2. Select the check box next to required rule.
  3. Click the Edit button.

    The Exclusions from rule <rule name> window opens.

  4. Click the Add button.

    The Add an exclusion window opens.

  5. Define the exclusion settings:
    • Source process and Source object

      The object that performed the detected actions (for example, a file that the user opened).

    • Target process and Target object

      The object on which the detected actions were performed (for example, a browser that uses a library that is loaded into the computer memory as a result of opening the file).

  6. Click OK to close the Add an exclusion window.

The added record appears in the list of exclusions in the Exclusions from rule <rule name> window.

Modifying exclusions

To modify an exclusion to an Adaptive Anomaly Control rule:

  1. Proceed to the Adaptive Anomaly Control settings page.
  2. Select the check box next to required rule.
  3. Click the Edit button.

    The Exclusions from rule <rule name> window opens.

  4. Select the check box next to the required exclusion.
  5. Click the Edit button.

    The Add an exclusion window opens. It contains details about the selected exclusion.

  6. Make the necessary changes.
  7. Click OK to close the Add an exclusion window.

The modified record is displayed in the list of exclusions in the Exclusions from rule <rule name> window.

Deleting exclusions

You may want to delete an exclusion from an Adaptive Anomaly Control rule if, for example, you added it by mistake.

To delete exclusions from an Adaptive Anomaly Control rule:

  1. Proceed to the Adaptive Anomaly Control settings page.
  2. Select the check box next to required rule.
  3. Click the Edit button.

    The Exclusions from rule <rule name> window opens.

  4. Select the check boxes next to the required exclusions
  5. Click Delete.

The deleted exclusions disappear from the list of exclusions in the Exclusions from rule <rule name> window.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.