You can import file hash exceptions from the from the
Endpoint Security Manager or from external feeds.
Action Center page displays information on files quarantined and
included in the allow list and block list. To import hashes from
the Endpoint Security Manager or from external feeds, you can initiate
From Cortex XDR, select
+ New Action
Import Hash Exceptions
to the drop area.
necessary, resolve any conflicts encountered during the upload and
Review the action summary, and click
Cortex XDR imports and then distributes your hashes to
the allow list and block list based on the assigned verdict.