Command Line Rules extend the whitelisting coverage to file-less attacks that make use of already trusted applications to infect PCs. Such attacks do not exist as a file and can remain undetected by antivirus programs and threaten the security of the user’s system.
This advanced feature of SecureAPlus enables users to make additional rules on top of the default ones to increase the overall security of SecureAPlus according to user preference and technical knowledge.
The following are instructions for basic operation and creation of command line rules:
- Launch SecureAPlus and select App Settings. In the App Settings menu, click on Application Whitelisting > Command Line Settings.
In Command Line Settings, you can choose to edit the Command Line Rules or the Whitelist Database.
Add Command Line Rules
Follow this instruction to add command-line rules:
- On the Rules tab, click on the Add button.
- Browse the process file or Enter the process file name without the path and select the desired parameters and action and click on the Add button.
- The newly added command line rule will be added to the list.
Edit Command Line Rules
To modify Application Whitelisting rules for the command line:
- Select a process from the list
- To modify the Process name or the parameter: Double click on it till you see a text box. Make necessary changes and hit the Enter key.
- To modify the Parameter rules or the action: Click on the drop-down list and select the desired field.
Remove Command Line Rules
- Checked on the rule(s) from the list that you want to remove, click the Remove button.
- The selected rule(s) will be removed from the list.
The Command Line Settings is an advanced and powerful feature that increases in utility as user technical knowledge about threats increases. To learn more about this powerful feature, check out our other support pages on Adding & Removing Trusted Command Lines and Available Actions for Command Line Rules.
This post is also available in: Japanese