search cancel

Add custom suspicious hashes to Data Center Security (DCS) policies as an Indicator of Compromise (IOC)


Article ID: 175979


Updated On:


Data Center Security Server Advanced


You wish to prevent access to files with particular custom has values through DCS prevention policies


To add custom suspicious hashes to DCS policies which would assist in indicating compromise may be achieved through the prevention policy options -> Global policy options -> (Process Access Control -> No access Process Access control) OR ( File Rules -> No access Resource list).

Edit the above to add & enter the File Hash values. Enter * for program path & apply the prevention policy as desired.