Default Setting for App-Embedded Defender File System Protection

Because App-Embedded Defender’s file system protection could affect workload performance, you can enable or disable it.
This procedure is intended for security teams that want to set a global recommendation for whether file system protection should be enabled when teams deploy App-Embedded Defenders.
By default, file system protection is disabled in App-Embedded Defenders. Security teams can turn it on by default so that teams that build and manage apps will deploy Defender according to your organization’s best practices. Individual teams can optionally override the default setting at embed-time, and they may want to do so if file system protection interferes with their workload’s operation.
  1. Log into Console.
  2. Go to
    Manage > Defenders > Manage > Defenders
  3. Click
    Advanced settings
  4. Set
    Default file system protection statefor App-Embedded Defenders
  5. Validate the global setting has been properly applied by inspecting the Defender embed flow.
    1. Go to
      Manage > Defenders > Deploy > Defenders
    2. In
      Deployment method
      , select
      Single Defender
    3. In
      Choose the Defender type
      , select
      Container Defender - App-Embedded
    4. Verify that the value for
      Monitor file system events
      matches the value you set in
      Advanced settings

Recommended For You