Policy settings
Item | Description |
|---|---|
Policy name | The name of the policy |
User ID | Your unique console ID To get your user ID, do one of the following:
|
Prevent unsafe files from executing before they can potentially do damage | Automatically quarantine unsafe files |
Prevent abnormal files from executing before they potentially do damage | Automatically quarantine abnormal files
Prevent unsafe files must be selected before you can select Prevent abnormal files. |
Allow auto-deletion of quarantined files | Automatically deletes quarantined files after the set number of days
|
Enable auto-upload | Automatically uploads unsafe or abnormal portable executable files (PE) that Cylance has not analyzed before |
Enable memory protection | Used to detect or block exploit attempts on the device |
Prevent service shutdown from device | Protects the Cylance service from being shutdown manually or by another process |
Kill unsafe running processes and their sub-processes | Terminates processes, and their sub-processes, regardless of state when a threat is detected |
Background threat detection | Performs a full disk scan to detect and analyze any dormant threats on disk |
Watch for new files | The agent will detect and analyze new or modified files for dormant threats |
Exclude specific folders (includes subfolders) | Exclude folders, including subfolders, from Background threat detection and Watch for new files
|
Set maximum archive file size to scan: X MB (size range 0-150MB) | Set the maximum archive file size the agent will scan |
Enable script control | Alerts or blocks active script and PowerShell scripts from running
|
Enable device control | Protects devices by controlling USB mass storage devices connecting to devices |
External storage exclusion list | Exclude USB mass storage devices from the device control feature |
Add an exclusion | Add an exclusion for a USB mass storage device; vendor ID is required |