Manage Defender Antivirus

Use this operation to add or remove file extensions, file paths, or processes from Defender Antivirus exclusions.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: Device Security

Domain: Antivirus Management

Modifies: Defender Antivirus Extension Exception, Defender Antivirus Path Exception, Defender Antivirus Process Exception

When to Perform this Operation

As Needed: Proactive or in Response to User/Security

Technical Description and Importance

Managing Defender Antivirus exclusions ensures that necessary applications and files operate without interference while maintaining overall system security. Exempting specific file extensions, file paths, or processes can be required for performance reasons, compatibility with business-critical applications, or reducing false-positive detections. However, unnecessary exclusions can create security risks by allowing malicious files to execute without detection. Routine reviews and validation of exclusions help maintain an effective security posture while supporting operational needs.
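One way to carry out the routine review described above directly on a Windows device. This is an added example, not part of the handbook procedure: it reads the exclusions in effect with the Defender module's Get-MpPreference cmdlet and marks entries that deserve a second look. The function name Get-ExclusionFinding and the risk lists are hypothetical and should be tuned to the environment.

```powershell
# Added example: review the Defender Antivirus exclusions in effect on this device.
# The risk heuristics below are assumptions for illustration; tune them per environment.
$riskyExtensions   = 'exe','dll','ps1','bat','cmd','vbs','js','scr','msi'
# Whole drive, whole profile or OS tree, and common user-writable locations.
$riskyPathPatterns = '^[A-Za-z]:\\?$', '^[A-Za-z]:\\(Users|Windows)\\?$',
                     '\\(Temp|Downloads|AppData)(\\|$)', '\\Users\\Public(\\|$)'

function Get-ExclusionFinding {
    param([string]$Type, [string]$Value)
    $reason = 'none'
    switch ($Type) {
        'Extension' {
            # Normalize ".exe", "*.exe" and "exe" to the same form before comparing.
            $ext = ($Value -replace '^[.*]+', '').ToLower()
            if ($riskyExtensions -contains $ext) { $reason = 'executable or script extension' }
        }
        'Path' {
            if ($Value -match '[*?]') { $reason = 'wildcard in path' }
            foreach ($pattern in $riskyPathPatterns) {
                if ($Value -match $pattern) { $reason = 'broad or user-writable location' }
            }
        }
        'Process' {
            # A bare image name applies to that name in any folder.
            if ($Value -notmatch '^([A-Za-z]:\\|\\\\|%)') { $reason = 'process name without full path' }
        }
    }
    [pscustomobject]@{ Type = $Type; Value = $Value; Review = $reason }
}

$pref = Get-MpPreference
$exclusions = [ordered]@{
    Extension = $pref.ExclusionExtension
    Path      = $pref.ExclusionPath
    Process   = $pref.ExclusionProcess
}
$findings = foreach ($type in $exclusions.Keys) {
    foreach ($value in $exclusions[$type]) {
        # Defender returns an "N/A: ..." placeholder when the caller may not view exclusions.
        if ($value -like 'N/A:*') { Write-Warning "$type exclusions not visible: $value"; continue }
        Get-ExclusionFinding -Type $type -Value $value
    }
}
$findings | Sort-Object Type, Value | Format-Table -AutoSize
```

Run it from an elevated PowerShell session; entries whose Review column is not "none" are candidates for tightening or removal.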

Management Options

Exempt a File Extension:

Purpose
Add a file extension to Defender Antivirus exclusions to prevent it from being scanned.
Use Case
A proprietary software tool generates log files that are mistakenly flagged as threats, disrupting automated workflows.

Exempt a File Path:

Purpose
Add a specific file path to Defender Antivirus exclusions to prevent files in that location from being scanned.
Use Case
A database application requires exclusion of its working directory to avoid performance degradation during intensive queries.

Exempt a Process:

Purpose
Add a process to Defender Antivirus exclusions to prevent it from being scanned or blocked.
Use Case
A background system process essential for patch management is incorrectly identified as a threat, preventing updates from deploying.

Operation | Action | Target
Exempt a File Extension | Addition | Defender Antivirus Extension Exception
Exempt a File Path | Addition | Defender Antivirus Path Exception
Exempt a Process | Addition | Defender Antivirus Process Exception

Exempt a File Extension

This operation adds a specific file extension to Defender Antivirus exclusions to prevent it from being scanned.

       1. Defender Antivirus Extension Exemption

Exempt a File Path

This operation adds a file path to Defender Antivirus exclusions, preventing all files within the specified directory from being scanned.

       1. Defender Antivirus File Path Exemption

Exempt a Process

This operation adds a process to Defender Antivirus exclusions, preventing it from being scanned or blocked during execution.

       1. Defender Antivirus Process Exemption

Need Assistance?

Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.