Skip to content

New-SophosEndpointExploitMitigationExclusion

SYNOPSIS

Exclude a set of file paths from Exploit Mitigation

SYNTAX

New-SophosEndpointExploitMitigationExclusion [-Token] <String> [-TenantId] <String> [-ApiHost] <String>
 [-ExclusionPaths] <Array> [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]

DESCRIPTION

Exclude a set of file paths from Exploit Mitigation

EXAMPLES

EXAMPLE 1

$token = Get-SophosAccessToken -ClientID "xxxxxxxxxxxxxxxx" -ClientS "xxxxxxxxxxxxxxxxx"
PS>$partnerId = Get-SophosPartnerId -Token $token
PS>$tenant = Get-SophosPartnerTenants -PartnerId $partnerId.PartnerId -Token $token | Where-Object {$_.Name -eq 'MyTenant'}
PS>$exclusions = Get-SophosEndpointExploitMitigationExclusions -Token $token -TenantId $tenant.id -ApiHost $tenant.apiHost | where-object {$_.id -eq "xxxx-xxxx-xxx-xxxxx"}
PS>New-SophosEndpointExploitMitigationExclusion -Token $token -TenantId $tenant.id -ApiHost $tenant.apiHost -ExclusionPaths @("c:\foo\bar.exe")

PARAMETERS

-Token

JWT token from oauth API

Type: String
Parameter Sets: (All)
Aliases:

Required: True
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-TenantId

Tenant ID

Type: String
Parameter Sets: (All)
Aliases:

Required: True
Position: 2
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ApiHost

API host location URL of the tenant

Type: String
Parameter Sets: (All)
Aliases:

Required: True
Position: 3
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ExclusionPaths

Array of absolute paths to an application file to exclude. You may use HitmanPro.Alert expansion variables (For example, $desktop, $programfiles). Currently, this array may contain only one application path.

Type: Array
Parameter Sets: (All)
Aliases:

Required: True
Position: 4
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ProgressAction

{{ Fill ProgressAction Description }}

Type: ActionPreference
Parameter Sets: (All)
Aliases: proga

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

OUTPUTS

NOTES