Getting Block Event "with the intent to execute. A Deny Policy Action was applied."

Article ID: 416095

Products

Carbon Black Cloud Endpoint Standard

Issue/Introduction

  • Seeing Alert "The process <Event:Initiator.FilePath> attempted to open <Event:Target.FilePath> with the intent to execute. A Deny Policy Action was applied."
  • This may be seen even if the policy has no deny operations

Environment

  • Carbon Black Cloud: All Versions
  • Carbon Black Cloud Sensor: All Supported Versions

Cause

  • This can happen if a "Runs or is running" terminate rule blocks a process from running.
  • The rule responsible for the block is technically denying the execute-intent (or loading) of a process that has a terminate or deny rule in policy.
  • This rule is different from the rule that terminates a run/running process.

Resolution

Based on the operation/process being denied, determine if this is expected behavior and modify rules as needed.