Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Bitdefender GravityZone Whitelisting allows system administrators to create a whitelist of trusted applications based on their digital signatures, file paths, or other attributes. These trusted applications are considered safe and are allowed to run without any restrictions or additional security checks.

The primary executables of CyberCNS which can be whitelisted are as below:

​cybercnsagent.exe
cyberutilities.exe
nmap.exe
osqueryi.exe
cybercnsagentmonitor.exe 

For remote assets getting scanned via Probe Agent:

  • Whitelist the below executable path of the dissolvable agent into a remote asset.  "C:\windows\CyberCNS_DissolvableAgent" 

  • To whitelist the folder on the remote asset, use the installation folder path i.e “C:\Windows\CyberCNSAgent”

Please follow the below steps to whitelist the CyberCNS Folder from Exclusion.

  • The “Folder” type of exclusion can be added in the Bitdefender GravityZone console which helps exclude all files and processes inside the specified folder and from all its subfolders.

  • Type: Folder ; Path : C:\Program Files\Application\

  • Folder exclusion (Examples):

C:\Test\*- excludes all folders from the Test folder

C:\Test– excludes all files and folders under the Test folder

  • For network vulnerabilities detection using a probe agent, nmap is used from the location C:\ProgramFiles<x86>\CyberCNS AgentV2\nmap\nmap.exe

  • Please allow port scanning from probe agent to help determine vulnerabilities.

Steps to be followed In the Bit Defender

  • In the Bit Defender, Navigate to -> Policies → Click on Add.

  • Navigate to Antimalware → Select On-Execute

  • Default action for infected application should be set to Take no action.

  • Navigate to Settings.

  • Enable In-policy exclusions and then select Type as Folder give the path as "C:\Program Files (x86)\CyberCNSAgentV2” and then click on Save.

  • Select the configured policy and then click on Set as Default.

  • After applying the policies the cybercns agent is now allowed to scan.

  • Navigate to Threats Xplorer in General view section to view the process.

  • Here is the scan report from bitdefender.

  • Confirm the configured Policy is applied for the endpoint by navigating to Network and then clicking on the endpoint to verify.

  • Below is the screenshot of the endpoint machine that excluded the CyberCNS folder from scanning.

This completes the Bitdefender GravityZone Whitelisting documentation.

  • No labels