Adding Exceptions

You can add the domain, file SHA-1, file SHA-256, IP address, sender address, or URL object to the Exception List.

  1. Go to Threat Intelligence > Suspicious Object Management.
  2. Click the Exception List tab.
  3. Click Add.

    The Add Exception screen appears.

  4. Select any of the following from the Method drop-down list:
    • Domain: type a domain name.

      Note:

      One wildcard "*" connected with a "." is supported in the domain prefix, for example: *.example.com.

    • File SHA-1: type the SHA-1 hash value of a file.

    • File SHA-256: type the SHA-256 hash value of a file.

    • IP address: type an IP address or a hyphenated range.

      Note:

      IPv4 or IPv6 addresses, address ranges, and subnet masks are supported.

    • Sender address: type an email address.

    • URL: type a URL.

      Note:

      The wildcard "*" is supported at the beginning of the domain part, end of the path part, or in both places, for example, abc.example.com/path1/path2, *.example.com, abc.example.com/*, *.example.com/path/*.

  5. (Optional) Type a description.
  6. Click Submit.

    The object appears in the Exception List.

    Trend Micro Vision One excludes the object from the Suspicious Object List during the next synchronization and will not add it as a suspicious object in the future.