Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Gro_Tea
Contributor
Jump to solution

Missing feature in HEC: define attachment types to be blocked

Hello,

we are on our way migrating to HEC and in our former SEG we blocked most potentially dangerous files (exe, bat, ...) as well as old MS Office formats like .doc, xls, ppt etc. by default. Now I see that this feature is not availabe in HEC. Why? Is the strategy, that HEC is so good in discovering malware or malicious files, that there is no need to block certain attachments? Not even exe? 

I think it would be worth a feature request for defining attachment types beeing blocked by default.

Thanks,

Frank

0 Kudos
1 Solution

Accepted Solutions
SimonDrapeau
Employee
Employee
 

Menu Settings / Anti-Malware Exceptions / Block-List / Create Block-List Rule 

 

 

 

 

View solution in original post

0 Kudos
4 Replies
Chris_Atkinson
Employee Employee
Employee

Interested in your feedback, why did you do this in your SEG rather than natively in O365/EOP?

As it currently stands this is something we plan to add in the near term to limit multiple points of management for security controls.

CCSM R77/R80/ELITE
0 Kudos
Gro_Tea
Contributor

Hi,

this was configured in a combination SEG -> Exchange onprem, prior to moving to O365. We left the configuration there, because we dont want several administrative frontends (SEG, EOP). Would be nice to have the possibility to configure it in HEC.

Frank

Chris_Atkinson
Employee Employee
Employee

Can confirm it's in the near term plans. 🙂

CCSM R77/R80/ELITE
0 Kudos
SimonDrapeau
Employee
Employee
 

Menu Settings / Anti-Malware Exceptions / Block-List / Create Block-List Rule 

 

 

 

 

0 Kudos
Upcoming Events

    CheckMates Events