MAV - Audit Windows Defender Exclusions
R
Robert Farmer
It would be great to see at a top level what devices an exclusion applies to but I also need some auditing for MAV exceptions to find out who or what created a rule.
Autopilot
Merged in a post:
Where have MAV exclusions been made?
B
Ben Bernstein
When viewing MAV exclusions at the partner level (IE: https://SUBDOMAIN.huntress.io/account/antivirus_exclusions/enforce_mode) it is very helpful in identifying risky exclusions across all client organizations. Unfortunately, this view does not provide details around where these risks exist. At the moment it is hard to determine which organizations and which endpoints have these exclusions.
It would be great to make the value for "affected agents" clickable so that you can see where these exclusions exist. This would make central management of defender exclusions way easier.
Bonus points if we can also show when these exclusions were applied and by who once you click into the number of affected endpoints.