What are the folders and processes that you exclude? -->
1. Internal folders that used by the application that running from them or writing logs\info into them, for example chrome that write to its own folders
in %programfiles% or %programdata%.
this done by the signer of the application and the destination.
1. Other vendors processes like windows defender or Kaspersky, its done by the signer.
2. Specific list of processes that monitor or creating large activity on the system like processes explorer, java IDE and more.
its done base on the signer and name
Does excluding by default the well known vendors mean you don't have to add, for instance, the recommended Microsoft exclusions? --> Correct
if you wish we can do a short zoom session and i can explain more about our exclusion system.