Goal / Allow Rule / Block Rule / Results

Goal: Monitor all users' Downloads folder

Allow Rule: -

Block Rule:

  1. Enable assessment mode
  2. Any local storage
  3. String
  4. C:\Users\*\Downloads\*

Results:

Logs all attempts to access applications in all users' Downloads folder.

Monitors:

  • C:\Users\john_doe\Downloads\start.exe
  • C:\Users\Administrator\Downloads\start.exe

Goal: Block all applications located in any folder under the MyApps subfolder of either Program Files directory

Allow Rule: -

Block Rule:

  1. Program Files folders
  2. String
  3. \MyApps*

Results:

Blocks:

  • C:\Program Files (x86)\MyApps\start.exe
  • C:\Program Files\MyApps\start.exe
  • C:\Program Files (x86)\MyApps\bin\start.exe

Allows:

  • C:\Program Files (x86)\start.exe

Goal: Allow all applications located in any folder under the MyApps subfolder of either Program Files directory but Block all other applications/folders

Allow Rule:

  1. Program Files folders
  2. String
  3. \MyApps*

Block Rule:

  1. Any local storage
  2. String
  3. C:\Program Files\*

AND

  1. Any local storage
  2. String
  3. C:\Program Files (x86)\*

Results:

Blocks:

  • C:\Program Files (x86)\start.exe

Allows:

  • C:\Program Files (x86)\MyApps\start.exe
  • C:\Program Files\MyApps\start.exe
  • C:\Program Files (x86)\MyApps\bin\start.exe

Goal: Block only applications located in the MyApps subfolder of either Program Files directory but Allow all other applications/folders

Allow Rule:

  1. Allow the subfolders of the MyApps directory

    1. Program Files folders
    2. String
    3. \MyApps\*\*

Block Rule:

  1. Program Files folders
  2. String
  3. \MyApps\*

Results:

Blocks:

  • C:\Program Files (x86)\MyApps\start.exe
  • C:\Program Files\MyApps\start.exe

Allows:

  • C:\Program Files (x86)\start.exe
  • C:\Program Files (x86)\MyApps\bin\start.exe

Goal: Block a specific application file name in any folder

Allow Rule: -

Block Rule:

  1. Specific path
  2. Regular expression (PCRE)
  3. .*\\(?i)test(?-i)\..*

Results:

Blocks:

  • C:\MyApps\test.exe
  • C:\Users\guet\AppData\Local\Temp\test.exe
  • C:\Program Files (x86)\MyApps\test.exe
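
A way to check what the regular-expression block rule above covers before deploying it, as an added example that is not part of the original page or the product. It assumes the expression is evaluated against the whole file path, uses Python's `re` in place of PCRE (so the `(?i)...(?-i)` toggle is rewritten to a scoped group), and the helper names and sample paths are constructed for illustration.

```python
import re

# Block-rule pattern exactly as it appears in the table (PCRE syntax).
PCRE_RULE = r".*\\(?i)test(?-i)\..*"

def pcre_to_python(pattern: str) -> str:
    """Rewrite a PCRE '(?i)...(?-i)' toggle pair as Python's scoped '(?i:...)'.

    Python's re module rejects a mid-pattern '(?i)' and has no '(?-i)'.
    Only simple, non-nested toggle pairs such as the one above are handled.
    """
    return re.sub(r"\(\?i\)(.*?)\(\?-i\)", r"(?i:\1)", pattern)

RULE = re.compile(pcre_to_python(PCRE_RULE))

def matches_rule(path: str) -> bool:
    # Assumption: the expression is evaluated against the whole file path.
    return RULE.fullmatch(path) is not None

# Constructed sample paths; the first two come from the Blocks list above.
SAMPLES = [
    r"C:\MyApps\test.exe",
    r"C:\Users\guet\AppData\Local\Temp\test.exe",
    r"C:\MyApps\TEST.EXE",           # 'test' is matched case-insensitively
    r"C:\MyApps\Test.dll",           # any extension after the dot
    r"C:\MyApps\mytest.exe",         # name must start right after a backslash
    r"C:\MyApps\test2.exe",          # a dot must follow 'test' immediately
    r"C:\Tools\test.old\setup.exe",  # folder whose name starts with 'test.'
]

def evaluate(paths):
    """Return {path: True/False} so a rule can be reviewed before deployment."""
    return {p: matches_rule(p) for p in paths}

if __name__ == "__main__":
    for path, hit in evaluate(SAMPLES).items():
        print(f"{'MATCH   ' if hit else 'no match'}  {path}")
```

Under the stated assumption, the pattern also matches every file below a folder whose name starts with `test.`, because the trailing `.*` can cross path separators.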