• Event reporting & sensor operation exclusions
• Core Prevention Exclusions

Carbon Black Cloud has continued to create methods to exclude items for different reasons. There are a number of options depending on the product and the goal for the exclusion. Below is a list of some of the common items.

Policy permissions:

• Policy — How to Set up Exclusions in the Carbon Black Cloud Console for AV Products 
• Policy — How to Create Policy Blocking & Isolation and Permissions Exclusions 
• Policy — What are the differences between API Bypass and Full Bypass 
• Expectation — Events Still Being Sent When Process is in Full Bypass Rule  
• Wildcards — How to specify wildcards in Core Prevention exclusions  
• IT Tools — Adding approved reputation using IT Tools isn't working properly 
• IT Tools — How to Utilize IT Tools Allow list Feature  
• Self Signed Cert — Adding self-signed cert to script and Configuring the system for a bypass 
• Hash — How to Add a SHA256 Hash to Approved/Banned List 

Core Preventions

• Core Rules — How to Configure Exclusions for Core Prevention Rules

Event Reporting / Process Exclusions

• Is it possible to add scanning exclusions for other security products in an Enterprise EDR console?
• Sensor Does Not Honor Bypass Exclusions

Other

• 3rd party recommendations — Recommended Third-Party Anti-virus Exclusions 
• Citrix recommendations —  How to add Citrix exclusions in Windows registry for CBC Sensor