This guide will show an administrator how to configure a directory path that will be excluded from Defender Antivirus interference.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: Device Security
Domain: Antivirus Management
Modifies: Defender Antivirus Path Exclusions
Defender Antivirus Path Exclusion
- Navigate to the Antivirus – Intune portal, locate and select the Security Essentials Defender Exclusion policy or an equivalent Antivirus Exclusion policy.
- Scroll down to Configuration Settings and select Edit.
- The default rules will be displayed. Locate the Excluded Paths option, select the Add button below the previously listed header. A text box will be generated where you can specify the necessary folder path. It is recommended that these are not commonly used locations – such as the Downloads or Documents folder – but instead locations used by approved custom applications. Along with this, it is highly discouraged to create a path that users are aware bypasses antivirus scanning. Paths included here should not be known to the user and used for application functionality only, if the user places a downloaded file in this known bypassed location that is malicious it could introduce risk to the system. Select Next to continue.
- From the Review section, you will be able to select the Settings dropdown to verify that the necessary exclusions are properly generating. Select Save to finalize the necessary file extension exclusion. Rule changes propagate in less than 24 hours.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.