Carbon Black Cloud: Are OS environmental variables supported as part of a policy rule?

Carbon Black Cloud: Are OS environmental variables supported as part of a policy rule?

search cancel

Carbon Black Cloud: Are OS environmental variables supported as part of a policy rule?

book

Article ID: 291066

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

Is that possible to use operating system environment variables in a path as part of a CB PSC policy rule in the prevention tab of a policy?

Environment

Carbon Black Cloud: All versions
Windows: all supported versions

Resolution

Environmental variables are supported in policy rules.

Additional Information

System variables are allowed, for example:
- %WINDIR%
User variables like %LOCALAPPDATA% will be ran in Local System Context so they would not be recommended

Feedback

thumb_up Yes

thumb_down No