Manage Defender Antivirus

Use this operation to add or remove exceptions for Defender Antivirus scanning.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: Device Security

Domain: TBD

Modifies: TBD

When to Perform this Operation

As Needed: Proactive or in Response to User/Security

Technical Description and Importance

Managing Defender Antivirus exceptions lets specific files, paths, or processes bypass antivirus scanning when that is necessary to maintain operational continuity or support critical applications. This capability is essential when legitimate files or processes trigger false positives that disrupt business workflows. Adding or removing exceptions lets an organization balance robust threat detection against the functional requirements of approved software. Because every exception is something Defender Antivirus no longer scans, routinely reviewing the list and removing entries that are no longer needed reduces unnecessary risk while maintaining operational efficiency and compliance with any applicable organizational requirements.

Management Options

Exempt a File Extension:

Purpose: Add or remove file extensions from the Defender Antivirus exclusion list.
Use Case: A new file type associated with a trusted application needs to bypass scanning to prevent interruptions.

Exempt a File Path:

Purpose: Add or remove a file path from the Defender Antivirus exclusion list.
Use Case: A specific directory containing application logs is triggering false positives and needs exclusion.

Exempt a Process:

Purpose: Add or remove a process from the Defender Antivirus exclusion list.
Use Case: A trusted application process is flagged by Defender Antivirus and must be exempted for continued operation.

Operation | Action | Target
Exempt a File Extension | Addition | Defender Antivirus Extension Exceptions
Exempt a File Path | Addition | Defender Antivirus Path Exceptions
Exempt a Process | Addition | Defender Antivirus Process Exceptions
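
The following PowerShell is an added example, not part of the original handbook: it reads the three exclusion lists named above from the local device with Get-MpPreference and marks entries that deserve a second look during routine review. The function name Test-DefenderExclusion and the review rules are assumptions made for illustration, not Sittadel or Microsoft policy.

```powershell
# Added example: review a device's Defender Antivirus exclusion lists.
# Run in an elevated session on Windows with the Defender module available.

# Constructed review rules (assumptions); tune them to your own policy.
$RiskyExtensions = @('exe', 'dll', 'ps1', 'bat', 'cmd', 'vbs', 'js', 'scr')
$BroadPath = '^[A-Za-z]:\\?(?:(?:Windows|Users|ProgramData|Program Files(?: \(x86\))?)\\?)?$'

function Test-DefenderExclusion {
    param(
        [Parameter(Mandatory)][ValidateSet('Extension', 'Path', 'Process')][string]$Type,
        [Parameter(Mandatory)][string]$Value
    )
    $reasons = @()
    switch ($Type) {
        'Extension' {
            # Normalise ".EXE", "*.exe" and "exe" to the same form
            $ext = $Value.TrimStart([char[]]'*.').ToLowerInvariant()
            if ($RiskyExtensions -contains $ext) { $reasons += 'executable or script file type' }
        }
        'Path' {
            if ($Value -match $BroadPath) { $reasons += 'drive root or system-wide folder' }
            if ($Value -match '[*?]') { $reasons += 'contains a wildcard' }
        }
        'Process' {
            # A bare image name applies to that name in any folder
            if ($Value -notmatch '\\') { $reasons += 'image name only, no full path' }
            if ($Value -match '[*?]') { $reasons += 'contains a wildcard' }
        }
    }
    [pscustomobject]@{
        Type   = $Type
        Value  = $Value
        Review = if ($reasons) { $reasons -join '; ' } else { 'none' }
    }
}

$pref = Get-MpPreference
$findings = foreach ($kind in 'Extension', 'Path', 'Process') {
    # Get-MpPreference exposes ExclusionExtension, ExclusionPath, ExclusionProcess
    $pref."Exclusion$kind" | Where-Object { $_ } |
        ForEach-Object { Test-DefenderExclusion -Type $kind -Value $_ }
}
$findings | Sort-Object Type, Value | Format-Table -AutoSize -Wrap
```

Entries with a non-empty Review column are candidates for a narrower exclusion or for removal once the false positive that prompted them is resolved.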

Exempt a File Extension

This operation adds or removes file extensions from the Defender Antivirus exclusion list to allow specific file types to bypass scanning.

1. Defender Antivirus File Extension Exemption

Exempt a File Path

This operation adds or removes file paths from the Defender Antivirus exclusion list to prevent scanning of specific directories.

1. Defender Antivirus File Path Exemption

Exempt a Process

This operation adds or removes processes from the Defender Antivirus exclusion list to enable trusted applications to run without interference.

1. Defender Antivirus Process Exemption

Need Assistance?

Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.