Scan Paths

Use this feature to create either a Allow list or Block list of paths/locations to restrict the locations inspected by the Software Vulnerability Manager scan.

You can add environment variables to the Allow list and Block list in the Scan Paths view. The environment variables will be resolved to the full path by the windows agent while scanning a host and will appropriately be either scanned or skipped.

For Example:

If %windir% is added to the Block list in the Scan Paths, then the agent will skip C:\Windows folder and its subfolders while scanning a host.

Click Add Allow list Rule or Add Block list Rule and enter the Name, Path and Site (optional) details.

Important:This feature is not applicable to RHEL.

If using the Allow list, all the locations listed will be inspected by the scanner and any other locations are excluded from Software Vulnerability Manager inspections.

If using the Block list, all the locations/paths block-listed will be ignored and any other paths are inspected by the Software Vulnerability Manager scan.

Important:Use this feature with caution. By using the Scan Path Rules some of your paths will be excluded from the scan and Software Vulnerability Manager will not alert you towards excluded insecure products, even if they potentially expose your hosts to security threats.

Important:It is not possible to simultaneously use both a Block list and a Allow list.

Note:To exclude Microsoft One Drive files from agent scan, add "\OneDrive\" to you block list.

To exclude Dropbox files from agent scan, add "\Dropbox\" to you block list.

To exclude Box.net files from agent scan, add "\Box\" to you block list.