Application Control - LOB Application Exclusions

Brass Contributor



Consider I've tested Application Control in either audit or enforce mode (setting from Endpoint Manager/Endpoint Protection/AC). Everything seems to work fine except a few LOB-applications.



How do I exclude these LOB-applications from Application Control?

I think I've read about that you need to combine Application Control with Applocker for exclusions is that true? If that's the case where can I find documentation on how to setup exclusions?

If that's true - does the exclusions need to be managed by GPO or can it be managed via MDM only? (AAD Join only)


Simon Håkansson_0-1596787272574.png

1 Reply

In MEMCM you have this capability, but what if I'm having an environment where a CM is not present? Would be fantastic to be able to add custom LOB-apps as exclusions this way but in Intune but maybe that's considered a security or non-issue?

Simon Håkansson_0-1596790043376.png