You can exclude a process by hash under Management > Exclusions. Create/edit an exclusion set, click Add Exclusion > File and you'll see the following message, "You can provide path and/or SHA-256. If you specify both a path and SHA-256 then both conditions must be met for the process to be excluded.". For more information, I suggest referring to the User Guide in the AMP Documentation Page.
today you can only configure a process exclusion with the full patch to the executable. There is no option to classify an executable without path, so the exclusion would work independent from the executables path.
If the executable is located in several directories, sorry to say, you have to generate multiple exclusions. I would suggest generating an own exclusion list for this.
You may also ping your Cisco representative to open a Feature Request for this.
This month, we're excited to bring awareness to a newly formed partnership between Cisco Secure and IBM.
Securing today's dynamic enterprise applications is critical. With hybrid and multi-cloud adoption, traditional network-based security ran into limita...
Listen: https://smarturl.it/CCRS8E42Follow us: twitter.com/CiscoChampion
APIClarity is an open source, cloud-native visibility tool for APIs. It utilizes a Service Mesh framework to capture and analyze API traffic and identify potential risks.
Hello everyone, A new video in the Cisco Secure Terraform Series has just been published. If you are interested in Infrastructure as Code, and Terraform, you don't want to miss out on this amazing series with Jason "Canadian Bacon" Maynard! Newe...
The Cisco Secure Firewall and SecureX teams are looking for feedback from active Secure Firewall users who may or may not have already activated SecureX. Your responses will help us improve the Firepower experience in SecureX. Th...