The application C:\path\selectedapp.exe was prevented from accessing the file C:\path\targetapp.exe due to a Deny operation or Terminate process policy action. TTPS: POLICY_DENY and the target application has a KNOWN_MALWARE, SUSPECT_MALWARE, PUP, or COMPANY_BLACK_LIST reputation
Depending on the policy rules in place, Endpoint Standard will prevent any application from accessing a known malware, suspect malware, pup, or company black list file. This behavior is effectively considered a file quarantine or "quarantine-in-place". The read operation will be denied, logged, and provisionally included in any threat that may be created at that time if one or more of the minimum criteria is met: