Device Security
      Back to home
      1. Sittadel Knowledge Base
      2. Management Guides
      3. Device Security

      Defender Antivirus Process Exclusion

      This guide will allow administrators to configure a process that will be excluded from Defender Antivirus interference.

      Role Requirements

      Procedure Scope: Administrators

      Required Group Membership: Admin.Security

      Handbook Reference

      Package: Device Security

      Domain: Antivirus Management

      Modifies: Defender Antivirus Process Exclusions

      Defender Antivirus Process Exclusion

      1. Navigate to Antivirus – Intune, locate the Security Essentials Defender Exclusions configuration item.
      2. Scroll down to Configuration Settings and select Edit.
      3. Find the Excluded Processes line item and click the radio button to the right to Configured.
      4. In the box below, enter the processes which Defender Antivirus should ignore. It is recommended that these are not commonly used processes or processes which could be used to spawn in malware – such as explorer.exe, lsass.exe, etc. Enter the full path to where the process executes from as seen on the endpoint.
      5. Click Review and Save on the next page, followed by Save. Rule changes propagate in less than 24 hours.

      Need Assistance?

      Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.