rulesEngine Object
The rulesEngine object contains the basic details on the Behavioral Execution Prevention settings in a sensor policy.
Note
This object (the Behavioral Execution Prevention feature) is available from versions 21.2.63 and later. If you use Cybereason versions 21.2.63 until 21.2.168, contact your Customer Success Manager for access to this feature. If you use versions 21.2.182 and higher, open a Technical Support case to enable this feature.
Field |
Type |
Description |
---|---|---|
rulesEngineMode |
Enum |
The mode to use for Behavioral Execution Prevention. Possible values include:
|
pathExclusions |
Array |
A list of files or folders to exclude from Behavioral Execution Prevention. If you do not want to exclude any files or folders, leave this array empty. |
file |
String |
The file or folder to exclude. |
modifiedby |
String |
The Cybereason user name of the user creating the policy. |
lastModified |
Long |
The time (in milliseconds) when you create the policy. |
rulesIdExclusions |
Array |
A list of rule IDs to exclude from Behavioral Execution Prevention. You find these rule IDs in the Signature field of a Malicious process behavior Malop. For a list of currently supported rule IDs, see Behavioral Execution Protection Settings. |
file |
String |
The rule ID to exclude. |
modifiedBy |
String |
The Cybereason user name of the user creating the policy. |
lastModified |
Long |
The time (in milliseconds) when you create the policy. |