Abstract
You can import file hash exceptions from the Endpoint Security Manager or from external feeds.
The Action Center page displays information on files quarantined and included in the allow list and block list. To import hashes from the Endpoint Security Manager or from external feeds, you can initiate an action.
From Cortex XSIAM , select → → → .
Select Import Hash Exceptions.
Drag your
Verdict_Override_Exports.csv
file to the drop area.If necessary, resolve any conflicts encountered during the upload and retry.
Click Next twice.
Review the action summary, and click Done.
Cortex XSIAM imports and then distributes your hashes to the allow list and block list based on the assigned verdict.