https://community.cisco.com/t5/endpoint-security/blocking-file-types/m-p/3906211#M3003 <P>I am trying to figure out how to block certain types of files from being created on the workstation using AMP.&nbsp; &nbsp; The example is I want to prevent a user from drag and dropping an email onto their local drive (.msg) file.&nbsp; &nbsp; I have been told I may be able to create a custom signature for this, but the custom signature documentation is really complicated to understand and figure out what the syntax actually needs to be.&nbsp; Has anyone actually done this or ran across this?&nbsp;</P><P>&nbsp;</P><P>Thanks,</P><P>Jim&nbsp;</P> Fri, 21 Feb 2020 05:10:22 GMT JimBaucom0912 2020-02-21T05:10:22Z https://community.cisco.com/t5/endpoint-security/blocking-file-types/m-p/3906211#M3003 <P>I am trying to figure out how to block certain types of files from being created on the workstation using AMP.&nbsp; &nbsp; The example is I want to prevent a user from drag and dropping an email onto their local drive (.msg) file.&nbsp; &nbsp; I have been told I may be able to create a custom signature for this, but the custom signature documentation is really complicated to understand and figure out what the syntax actually needs to be.&nbsp; Has anyone actually done this or ran across this?&nbsp;</P><P>&nbsp;</P><P>Thanks,</P><P>Jim&nbsp;</P> Fri, 21 Feb 2020 05:10:22 GMT https://community.cisco.com/t5/endpoint-security/blocking-file-types/m-p/3906211#M3003 JimBaucom0912 2020-02-21T05:10:22Z https://community.cisco.com/t5/endpoint-security/blocking-file-types/m-p/4761773#M7272 <P>Hi Dear Guru's&nbsp;</P> <P>Is there any way to block specific file extension on cisco AMP portal without knowing of its Hash Please help&nbsp;</P> Wed, 25 Jan 2023 06:51:28 GMT https://community.cisco.com/t5/endpoint-security/blocking-file-types/m-p/4761773#M7272 tanzeelur.rehman1 2023-01-25T06:51:28Z