Hi all,
Is it possible with Intercept X XDR to block some of the applications used in "Living off the Land" attack vectors
For exmple, Microsoft recommend using Windows Defender Application Control to block several of them unless needed.
Can I use Intercept X policies to block say AddinUtil.exe at these paths?
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddinUtil.exe
- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AddinUtil.exe
Removed link
[edited by: DavidGorman at 11:22 AM (GMT -7) on 1 Jun 2024]