EDR Wildcard/Regex Exclusions?

Y'ello all!

Currently running TDR on endpoints, and have several exclusions in place. I've been poking around re-creating the TDR settings with EDR core, and have hit a roadblock - exclusions don't allow wildcards in paths!

We have a few applications (ClickOnce deployed) that we develop in-house that we were able to add to the exclusion list with TDR using some creative wildcards, but apparently can't with EDR. (for those not aware, clickonce applications are installed in C:\Users\\AppData\Local\Apps folder, under a psudo-randomly generated folder name)

Is exclusion wildcards/regex something on the radar to allow in future? In my eye, pure regex is the superior choice, but I'll take what I can get.



Sign In to comment.