ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

What is the limitation on Blacklist and Whitelist entries in ATP?

book

Article ID: 172776

calendar_today

Updated On:

Products

Endpoint Detection and Response Advanced Threat Protection Platform

Issue/Introduction

You want to know the limit on how many Deny or Allow list entries that Endpoint Detection and Response will accept.

Resolution

SEDR version 4.1 and later will allow you to have 65,000 total entries in the Deny list or Allow list.  You will not be allowed to use more than 65,000 entries in your lists and an error will show stating that the policy limit is reached when attempting to add any more entries than the 65,000 limit.

Additional Information

As of version 4.5 the blacklist and whitelist names were updated to Deny list and Allow list.