Sentinel One: Add an exception for Axcient

Written By Tami Sutcliffe (Super Administrator)

Updated at March 8th, 2022

Overview

Sentinel One is a popular antivirus platform which is effective against both existing and newly-released malware.  

Unlike traditional antivirus engines, Sentinel One is purely heuristics-based. (Instead of relying on pattern matching bits of code against a dictionary of known viruses, Sentinel One uses algorithms to monitor the behavior of applications and classifies them as suspicious based on what they are attempting to do.)

Unfortunately, while this method can be highly effective in identifying new ‘unknown’ malware, it also has a tendency to generate false positive hits on some types of trusted software.  

  • By design, Sentinel One typically requires explicit allow listing of some types of applications.
  • Backup agents, by their nature, have elevated security permissions. They perform sensitive operations that can easily be flagged by such heuristic detection mechanisms. 
  • The  x360Recover agent is one such item that requires specific allow listing.

Add an exclusion for Axcient products

Signing a certificate is the simplest way to add an exclusion for Axcient products to Sentinel One.  

All Axcient products are signed by our extended validation code signing certificate in the name of EFOLDER, INC

Note: This exclusion is effective for x360Recover agents, Recovery Center, and Axcient DirectRestore. (All are signed by the same Axcient code signing certificate.)

To create a Sentinel One exclusion, perform the following steps:

1. On the Sentinel One side navigation, click Scope and select a scope:

2. Click Sentinels from the side navigation and then click Exclusions from the top navigation.


3. Click Signer Identity and then click New Exclusion.

4. In the OS field, select Windows and then in the Certificate ID field enter EFOLDER, INC.

5. Click on either Save to complete this addition or click Save and Add Another to continue with additional changes.


 


 SUPPORT | 720-204-4500 | 800-352-0248

1092