CylanceMDR protection enhancements

Due to some emerging threats, CylanceMDR has implemented the following CylanceOPTICS rules for improved security and telemetry for analysts. These rules are already in effect and no further action is required from your organization.

Latest enhancements (November 2024)

Threat or vulnerability: Updated rule for advanced detection of Windows Defender exclusion added via PowerShell

Description:
  • Rule Name: "Windows Defender Exclusion Added via Powershell"
  • MITRE Techniques: T1562, T1562.001, T1059.001, T1059
  • Description: This rule detects file or folder exclusions added to Windows Defender settings that may be an attempt to tamper with Windows Defender to possibly hide activity or evade detection.
  • Platform: Windows
  • Additional Reference: Medium
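
To illustrate the kind of telemetry such a rule evaluates, the following added example (not CylanceOPTICS rule logic, and not code from this page) flags PowerShell command lines that add Windows Defender exclusions, including ones passed through -EncodedCommand. The event layout, host names and sample command lines are constructed assumptions; Add-MpPreference, Set-MpPreference and the -Exclusion* parameters are the documented Defender cmdlets. Beyond the file and folder exclusions the rule description names, it also covers extension and process exclusions.

```python
import base64
import re

# Documented Defender cmdlets and exclusion parameters (PowerShell is case-insensitive).
CMDLET = re.compile(r"\b(Add|Set)-MpPreference\b", re.I)
EXCLUSION = re.compile(
    r"-(ExclusionPath|ExclusionExtension|ExclusionProcess)\s+(.+?)"
    r"(?=\s+-[A-Za-z]|\s*[;|]|$)", re.I)
# Any flag starting with "e" followed by a base64-looking argument.
ENCODED = re.compile(r"\s-(e[a-z]*)\s+([A-Za-z0-9+/=]{8,})", re.I)

def expand(cmdline):
    """Return the command line plus any decoded -EncodedCommand payload."""
    texts = [cmdline]
    for flag, blob in ENCODED.findall(cmdline):
        flag = flag.lower()
        # PowerShell accepts prefixes of -EncodedCommand (and -ec).
        if "encodedcommand".startswith(flag) or flag == "ec":
            try:
                raw = base64.b64decode(blob, validate=True)
                texts.append(raw.decode("utf-16-le"))
            except ValueError:
                pass  # not base64 / not UTF-16LE: nothing to inspect
    return texts

def detect(event):
    """Return one finding per Defender exclusion added by this process event."""
    findings = []
    for text in expand(event["cmdline"]):
        if not CMDLET.search(text):
            continue
        for param, value in EXCLUSION.findall(text):
            findings.append({"host": event["host"], "type": param.lower(),
                             "value": value.strip(" '\"")})
    return findings

# Constructed sample process events (assumed layout: host + command line).
_enc = base64.b64encode(
    "Set-MpPreference -ExclusionExtension .tmp".encode("utf-16-le")).decode()
SAMPLE_EVENTS = [
    {"host": "WS-01", "cmdline": "powershell.exe -NoProfile -Command "
                                 "Add-MpPreference -ExclusionPath 'C:\\Users\\Public\\stage'"},
    {"host": "WS-01", "cmdline": f"powershell.exe -NoProfile -enc {_enc}"},
    {"host": "WS-02", "cmdline": "powershell.exe -Command Get-MpPreference"},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        for finding in detect(ev):
            print(finding)
```

Exclusions already in place on a host can be reviewed with Get-MpPreference, which lists the current ExclusionPath, ExclusionExtension and ExclusionProcess values.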