Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
degrotef
Contributor

Missing feature in HEC: define attachment types to be blocked

Hello,

we are on our way migrating to HEC and in our former SEG we blocked most potentially dangerous files (exe, bat, ...) as well as old MS Office formats like .doc, xls, ppt etc. by default. Now I see that this feature is not availabe in HEC. Why? Is the strategy, that HEC is so good in discovering malware or malicious files, that there is no need to block certain attachments? Not even exe? 

I think it would be worth a feature request for defining attachment types beeing blocked by default.

Thanks,

Frank

0 Kudos
3 Replies

Interested in your feedback, why did you do this in your SEG rather than natively in O365/EOP?

As it currently stands this is something we plan to add in the near term to limit multiple points of management for security controls.

0 Kudos
degrotef
Contributor

Hi,

this was configured in a combination SEG -> Exchange onprem, prior to moving to O365. We left the configuration there, because we dont want several administrative frontends (SEG, EOP). Would be nice to have the possibility to configure it in HEC.

Frank

Can confirm it's in the near term plans. 🙂

0 Kudos