Files don't seem to be handled as they should in the SandBlast Agent Anti-Ransomware, Behavioral Guard and Forensics Blade, Default Quarantine File Policy
- Users are still allowed to restore items from quarantine even though we have this unticked.
- Files are not copied to central location. (share permissions are set to most nonrestrictive)
We have used SandBlast Agent Remediation Manager for Administrators but can not see quarantined files on the central location or the users local quarantine folder.
All we really need is a away to identify a quarantine's file hash in order to add it to the exclusion list.
Any help would be very much appreciated.