Serious Discussion Deep Instinct | Deep Learning AI Cybersecurity Platform

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
> Hello I recently purchased a license but I don't know exactly how to add an exclusion.
> DeepInspect is throwing alerts of Steam code injection and what I can only do is to put code inject behaviour to 'detect' and not to 'prevent'.
> Any idea? Thanks

I had to add exclusion for one "false+" and recall you can add it very specifically just for that app and for the issue it spotted as defined in the alert notice / report. But that was 2 months ago and I don't recall the exact procedure. I do recall that support at cyberforce was helpful, and I followed their instructions and created that specific exception for that app and it then ran aok.
 

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,597
> Hello I recently purchased a license but I don't know exactly how to add an exclusion.
> DeepInspect is throwing alerts of Steam code injection and what I can only do is to put code inject behaviour to 'detect' and not to 'prevent'.
> Any idea? Thanks

Policy --> Allowlist

There you can add exclusions by file hash, process, file path or exclude it from the behavioural analysis. After you added it, you can manually check for updates in the Deep Instinct client to apply the changes to the policy.
 

simmerskool

> Policy --> Allowlist
>
> There you can add exclusions by file hash, process, file path or exclude it from the behavioural analysis. After you added it, you can manually check for updates in the Deep Instinct client to apply the changes to the policy.

I also recall that you can select & exclude a very specific threat, console presents a list and it showed me 4 items but was a dropdown list which was not immediately obvious, which lists several more "threats" -- eg my block was Reflective DLL Injection, I excluded that threat for that app, and the app then ran great. That is the only "false+" that Di has found after running +60 days.
 

Kongo

My DI client just updated from 4.0.0.9 to 4.0.0.14.

Does anybody know where to find the patch notes?
 

Kongo

> my Di shows v. 4.0.0.9 both before and after I hit the "check for updates" button...:unsure: we have different resellers, yes?? :unsure: :unsure:

Maybe check again in a couple of hours. We both got it from the same reseller and even if we didn't, that shouldn't be an issue. Do you have automatic upgrade of the client enabled in your online dashboard?
 

cartaphilus

Level 11
Verified
Top Poster
Well-known
Mar 17, 2023
536
> Hello I recently purchased a license but I don't know exactly how to add an exclusion.
> DeepInspect is throwing alerts of Steam code injection and what I can only do is to put code inject behaviour to 'detect' and not to 'prevent'.
> Any idea? Thanks

It's done via connecting to the web management console. There you can add exceptions to folders and files.

For the new *.14 version. Any changelog from *.09?
 

simmerskool

> Maybe check again in a couple of hours. We both got it from the same reseller and even if we didn't, that shouldn't be an issue. Do you have automatic upgrade of the client enabled in your online dashboard?

Automatic, I assume yes, but I will check, thanks
 

monoloko88

New Member
May 12, 2015
2
> Policy --> Allowlist
>
> There you can add exclusions by file hash, process, file path or exclude it from the behavioural analysis. After you added it, you can manually check for updates in the Deep Instinct client to apply the changes to the policy.

Ah, I think that was my problem. I was adding the exclusion file but I did not manually check for updates, so the problem still persisted and I was thinking it wasn't running well.
Thanks
 

simmerskool

> New version of Deep Instinct is blocked by Smart App Control. I really hate that you can't add exclusions to it. It's so annoying. Now I have to disable Smart App Control until I reset my Windows again... :poop:

still 4009 at 1730 utc monday, will login to Di console soon. On this win10 doubt I have SAC running (if SAC runs on win10 -- looks like win11 feature...) :unsure:
 

simmerskool

> New version of Deep Instinct is blocked by Smart App Control. I really hate that you can't add exclusions to it. It's so annoying. Now I have to disable Smart App Control until I reset my Windows again... :poop:

Made the time to login to DeepInstinct console and 4.0.0.14 is sitting there waiting to be downloaded. Under Policy | Windows | D-Client Automatic Upgrade is "Disabled" -- not sure if that is default or if I did that on purpose. If me, I don't recall why. So manually deploying ..14 after I post this.

EDIT downloaded 4.0.0.14 installer, ran it but D-Client still reading 4.0.0.9 (assume user error) sent email to support... o_O
 

Kongo

> Made the time to login to DeepInstinct console and 4.0.0.14 is sitting there waiting to be downloaded. Under Policy | Windows | D-Client Automatic Upgrade is "Disabled" -- not sure if that is default or if I did that on purpose. If me, I don't recall why. So manually deploying ..14 after I post this.
>
> EDIT downloaded 4.0.0.14 installer, ran it but D-Client still reading 4.0.0.9 (assume user error) sent email to support... o_O

Why don't you just set it to automatic and let DeepInstinct do the rest? Maybe this works.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
> Didn't @Andy Ful find something that can be used to enable/disable SAC anytime? :unsure:

I wrote about it a few times.
There is a proven method of turning SAC ON by using CMD from the Recovery Environment (it is different from CMD in Safe Mode). One has to use the boot method:
Troubleshoot >> Advanced options >> Command Prompt, and run regedit.exe. Next, one has to find the drive with the installed Windows (it can be different from C:) and load the SYSTEM HIVE from the Windows\system32\config. In this way, one can change two registry values:

[Attached screenshots: 1689633342501.png, 1689633269139.png]


The data for the registry values VerifiedAndReputablePolicyState and VerifiedAndReputablePolicyStateMinValueSeen are equal to 0, but should be changed to 1.

On some computers, SAC can be turned ON by changing only the first value (VerifiedAndReputablePolicyState), and this can be done without a problem from the normal Windows session after running regedit.exe with Admin rights. This method works well on my 2 computers but does not work on the third. It can be found via Google, for example:
In the article are also included the .reg files to automate the job without manual registry editing.(y)

Edit.
I used the first method to change the values VerifiedAndReputablePolicyState and VerifiedAndReputablePolicyStateMinValueSeen. Now, the second method works also on my third computer. :)
 

Kongo

> I wrote about it a few times.
> There is a proven method of turning SAC ON by using CMD from the Recovery Environment (it is different from CMD in Safe Mode). One has to use the boot method:
> Troubleshoot >> Advanced options >> Command Prompt, and run regedit.exe. Next, one has to find the drive with the installed Windows (it can be different from C:) and load the SYSTEM HIVE from the Windows\system32\config. In this way, one can change two registry values:
>
> View attachment 277270
>
> View attachment 277269
>
> The data for the registry values VerifiedAndReputablePolicyState and VerifiedAndReputablePolicyStateMinValueSeen are equal to 0, but should be changed to 1.
>
> On some computers, SAC can be turned ON by changing only the first value (VerifiedAndReputablePolicyState), and this can be done without a problem from the normal Windows session after running regedit.exe with Admin rights. This method works well on my 2 computers but does not work on the third. It can be found via Google, for example:
> In the article are also included the .reg files to automate the job without manual registry editing.(y)

Thanks a lot for taking the time to explain it again. Appreciate it! (y)
 

simmerskool

> Why don't you just set it to automatic and let DeepInstinct do the rest? Maybe this works.

:ROFLMAO: of course you are correct! factoid, downloading that file and trying to manually install it on computer where Di is already installed results in update failure. The only way to get update is to change the policy in console to automatically update ENABLE (or so I'm told by support tech). Did that and ..14 is now installed on first, one more to go. Do you recall: is that feature default setting enabled or disabled, I just don't recall changing it if default is Enabled (& I take notes too)
 
