McAfee ATP rules for blocking/preventing unauthorized use of PowerShell
We are planning to disable PowerShell Completely in our environment. But we see it may cause many issues if we block it completely.
Can we use McAfee ATP to allow PowerShell in secure mode & it should block/prevent unauthorized use of PowerShell. I browsed KB82925, but I can see many Rules that can prevent PowerShell unauthorized access. Can you please suggest which exact rule can be enabled with less false positives to prevent unauthorized PowerShell access?
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.