Learn how to whitelist certain paths, files, processes and URLs in CrowdStrike
To ensure full compatibility and avoid possible conflict between CrowdStrike and Safetica, you must exclude certain files, folders, and URL addresses from being scanned for threats by CrowdStrike.
The list of files and URLs to exclude can be found here.
Syntax of exceptions:
Please ensure that the correct syntax is used when adding exclusions. For example:
- Program Files\Safetica\** — This includes all subfolders within the Safetica folder.
- Login to the Falcon console, go to Endpoint Security > Configure > Exclusions
- Go to SENSOR VISIBILITY EXCLUSIONS
- Click Create exclusion
Add new sensor visibility exclusion pop-up window appears - Choose hosts to target:
- Select either All hosts or Groups of hosts. Choose Groups of hosts, when you want to select target host groups
- Click Next
- Complete the SVE exclusion configuration:
- In the EXCLUSION PATTERN field, add the target filtering using Glob syntax For information on Glob syntax, on the right-side of the EXCLUSION PATTERN field, click Glob guidelines
- (Optional but strongly recommended) In PATTERN TEST field, add the pattern and click TEST PATTERN Keep editing the patterns and run tests to ensure the exclusion pattern matches with the pattern in the PATTERN TEST field c. (Optional) In COMMENT FOR Audit LOG (RECOMMENDED), add any comments to audit your log activity easier
- Click Create Exclusion
- To confirm the creation, a new Confirm sensor visibility exclusion pop-up windows appears
- Click CONFIRM AND CREATE