Comments for Anti-Malware and DLP Allow-List Entries

Posted by jonathango on August, 8, 2022

Administrators can now add comments to Anti-Malware and DLP allow-List entries.

Allow-list is a temporary aggressive measure put in place to handle an ongoing incident, to proactively act on a threat you know coming your way or simply to deal with misdetections.

To keep this solution temporary without leaving holes in the security policy, administrators often require annotations and comments on allow-list entries.

Anti-Malware and DLP allow-list entries now includes optional comments, to facilitate managing the lists. These entries are editable and administrators can filter allow-lists to find those with specific text in their comments.

Note – this feature is now being gradually deployed and you should see it in your portal within the next 2 weeks.