How to exclude folders or files in defender for cloud

Mangubat, Jade 0 Reputation points
2024-08-30T03:56:48.4466667+00:00

I'll be implementing policy in defender for cloud and this includes the exclusions of Files and forlders that shouldnt be scanned .

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,353 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Andrew Blumhardt 9,856 Reputation points Microsoft Employee
    2024-09-09T12:26:58.26+00:00

    There are no file and folder exclusions in Defender for Cloud. With one exception, it does not scan files. That is Defender for Endpoint/Antivirus. Defender for Cloud is more focused on security posture and risky configurations. There is an AV scan in Defender for Storage on the commercial side. This does not have direct exclusions but there is a workaround described here.

    https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-storage-malware-scan

    Defender for Endpoint is the Microsoft AV-EDR service. It has custom indicators than can be used allow files and supports traditional folder exclusions by policy. Though MDE does real-time scanning that reduces the need for traditional exclusions. The fewer exceptions you have the better.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.