Help CenterExplicit Deny
Any policy you create can be set to explicitly deny an application even when your computers are in a monitor only or learning mode.
Setting an Explicit Deny from the Policies Page
Using the left-hand menu, select the Modules dropdown, then select Application Control.
From here, select the Policies tab at the top-right of the page. You can then search for your application of choice.
Once the application appears on the page, you will see a category labeled Status. The dropdown under this is set to Inherit. Selecting this dropdown gives you two other options, which are Secured and Monitor.
Change the status from Inherit to Secured. This will make it an explicit deny in which this will be applied even if the machine is in Learning Mode.
Conversely, choosing Monitor will make the policy a monitor policy regardless of the computer’s status. So even when a computer is secured, if the policy is set to Monitor, it won’t create a block.
Setting an Explicit Deny Policy from the Applications Page
Navigate to Application Control using the Modules dropdown. Search for your desired application using the search bar at the top of the page, then select the application and navigate to the Existing Policies page.
Select the policy you want to edit. You will see that in the table labeled Actions, there are 3 setting options at the bottom labeled Inherit Status From Group (default), Secured Mode, and Monitor Only Mode. Change the setting from Inherit Status From Group to Secured Mode. Select Save at the bottom of this window once you are done.
Alternatively, choosing Monitor Only Mode on this page will make the policy a monitor policy.