antiMalware Object
The antiMalware object contains the basic details on the Anti-Malware settings in a sensor policy, including:
Field |
Type |
Description |
---|---|---|
enabled |
Boolean |
Indicates whether Anti-Malware protection is enabled in this sensor policy. |
signatureMode |
Enum |
The mode to use for the Anti-Malware > Signatures mode. Possible values include
|
documentProtectionMode |
Enum |
The mode to use for the Anti-Malware > Behavioral Document Protection mode. Possible values include:
This field is available from versions 20.1.241 and later. |
documentProtectionSensitivityLevel |
Enum |
The sensitivity level to use for the Anti-Malware > Behavioral Document Protection mode. Possible values include:
This field is available from versions 20.1.241 and later. |
documentProtectionExclusions |
Array |
An object containing a list of exclusions from the Behavioral Documentation Protection. If you do not want to add any exclusions, leave this array empty. This field is available from versions 20.1.241 and later. |
file |
String |
The rule ID string to exclude from Behavioral Document Protection. This field is available from versions 20.1.241 and later. |
modifiedBy |
String |
The Cybereason user name for the user updating this policy. This field is available from versions 20.1.241 and later. |
lastModified |
Long |
The time (in milliseconds) when you create this policy. This field is available from versions 20.1.241 and later. |
detectMode |
Enum |
The mode to use for the Anti-Malware > Artificial Intelligence Detection mode. Possible values include:
|
preventMode |
Integer |
The mode to use for the Anti-Malware > Artificial Intelligence Prevent mode. Possible values include:
|
quarantineMaliciousFiles |
Boolean |
Instructs the Cybereason platform to quarantine files marked as malicious by the Anti-Malware > Artificial Intelligence mode. |
exclusions |
Array |
An object contaning a list of files or folders to exclusions from Anti-Malware protection. If you do not want to add any exclusions, leave this array empty. |
file |
String |
The file or folder string to exclude from Anti-Malware scan. For details on supported exclusion formats, see Add Exclusions. |
modifiedBy |
String |
The Cybereason user name for the user updating this policy. |
lastModified |
Long |
The time (in milliseconds) when you create this policy. |
quickScanEnabled |
Boolean |
Indicates whether the quick scan option for scheduled scans is enabled. |
quickScan |
JSON object |
An object containing details on the options for scheduled quick scans. |
quickScanMode |
Enum |
The action to take on a quick scan if a sensor is not available when the scheduled scan time arrives. Possible values include:
|
fullScanEnabled |
Boolean |
Indicates whether the full scan option for scheduled scans is enabled. |
fullScan |
JSON object |
An object containing details on the options for scheduled full scans. |
fullScanMode |
Enum |
The action to take on a full scan if a sensor is not available when the scheduled scan time arrives. Possible values include:
|
period |
Enum |
The frequency to perform a scan. Possible values include:
|
periodicHour |
Integer |
The hour (on a 24 hour clock) in which to start the scheduled scan. |
periodicDay |
Integer |
If you select WEEKLY or MONTHLY for the period key, the day on which to perform a scheduled scan. Enter 0 for Monday, 2 for Tuesday, and so forth. |
periodicOccurrence |
Integer |
If you select MONTHLY for the period key, the week on which to repeat the scan. Enter the number for the week in the month. |
localUpdateServerUrl |
Integer |
The URL to your Local Update Server. If you do not have a Local Update server, leave this key value empty. |
updateFrequencyIntervalMin |
Integer |
The frequency (in minutes) for how often a sensor should check for signature database updates. This field is not available by default. Open a Technical Support case to display the Advanced configuration options, including this option. |
limitFileExtensions |
Boolean |
Instructs the Cybereason platform to only scan certain types of file extensions during a scan. This field is not available by default. Open a Technical Support case to display the Advanced configuration options, including this option. |
ignoreNetworkPaths |
Boolean |
Instructs the Cybereason platform to not scan network paths as part of a scan. |
scanArchives |
Boolean |
Instructs the Cybereason platform to scan zip files. If you want to use this option, you must enter false for the limitFileExtensions key. This field is not available by default. Open a Technical Support case to display the Advanced configuration options, including this option. |