You create exclusions in insight VM to prevent unnecessary scanning.
Exclusions tell the scanner to skip specific files, folders, or processes. This reduces scan times and avoids potential conflicts with running applications. Properly configured exclusions improve scan efficiency without compromising security. Exclusions should be used cautiously and only when necessary.
Adding Exclusions
- Navigate to the scan configuration settings.
- Locate the 'Exclusions' section.
- Click 'Add Exclusion'.
- Specify the path, file name, or process to exclude.
- Save the changes.
Types of Exclusions
- File Path: Excludes a specific file.
- Folder Path: Excludes an entire folder and its contents.
- Process Name: Excludes processes from being scanned while running.
Exclusion Methods Comparison
| Method | Scope | Complexity |
|---|---|---|
| File Path Exclusion | Single file | Low |
| Folder Path Exclusion | Entire directory | Medium |
| Process Name Exclusion | Running process | High |
Best Practices
- Limit Exclusions: Only exclude what is absolutely necessary.
- Be Specific: Avoid broad exclusions that could leave systems vulnerable.
- Regularly Review: Periodically check exclusions to ensure they are still valid.
- Document Exclusions: Keep a record of all exclusions and the reasons for them.
Incorrectly configured exclusions can create security gaps. Always test exclusions thoroughly to ensure they do not interfere with the intended security posture.