cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Zebu
Level 9
Report Inappropriate Content
Message 1 of 2

Hash and/or certificate based exclusion in On Access Scan

Jump to solution

Hello,

Would it be possible to add hash and/or certificate exclusions in OAS like in access protection or exploit prevention and not just processes, folders, extensions, etc...

Thank you!

1 Solution

Accepted Solutions
Former Member
Not applicable
Report Inappropriate Content
Message 2 of 2

Re: Hash and/or certificate based exclusion in On Access Scan

Jump to solution

Hi @Zebu 

I'm afraid there is no such functionality at this time. For this you could raise a PER (Product Enhancement Request).

Certificate exclusions can be achieved in a way by leveraging the GetClean Tool. If you use the OAS scanning option "Let McAfee Decide" then you will benefit from the AMCORE Trust Model which amongst other things has some embedded exclusions in place. You can help populate our Trust Store by submitting your GetClean results. The AMCORE team review these submissions and evaluate if there are any Certificates that they can add to the Trust Model as known safe. This in turn will reduce your need for exclusions. More on this can be found: 

KB66909 >> "The Microsoft exclusions and McAfee applications listed in this article are not needed for ENS if you select the option Let McAfee Decide when choosing when to scan files with the on-access scanner. For more information about how the option Let McAfee Decide uses the AMCore trust model for scan avoidance, see the community post at: https://community.mcafee.com/t5/Documents/Explanation-of-AMCore-Trust-Model-v1p3-pdf/ta-p/550630."

View solution in original post

1 Reply
Former Member
Not applicable
Report Inappropriate Content
Message 2 of 2

Re: Hash and/or certificate based exclusion in On Access Scan

Jump to solution

Hi @Zebu 

I'm afraid there is no such functionality at this time. For this you could raise a PER (Product Enhancement Request).

Certificate exclusions can be achieved in a way by leveraging the GetClean Tool. If you use the OAS scanning option "Let McAfee Decide" then you will benefit from the AMCORE Trust Model which amongst other things has some embedded exclusions in place. You can help populate our Trust Store by submitting your GetClean results. The AMCORE team review these submissions and evaluate if there are any Certificates that they can add to the Trust Model as known safe. This in turn will reduce your need for exclusions. More on this can be found: 

KB66909 >> "The Microsoft exclusions and McAfee applications listed in this article are not needed for ENS if you select the option Let McAfee Decide when choosing when to scan files with the on-access scanner. For more information about how the option Let McAfee Decide uses the AMCore trust model for scan avoidance, see the community post at: https://community.mcafee.com/t5/Documents/Explanation-of-AMCore-Trust-Model-v1p3-pdf/ta-p/550630."

View solution in original post

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community