Threat Locker Exclusions Settings for Password Boss
Learn how to configure Threat Locker exclusions for Password Boss.
Written by Owen Parry
Updated at July 27th, 2024
Table of Contents
Setting up the exclusion in Threat Locker
Generally, Google Chrome and Edge Chromium do not require access to Command Prompt. However, some Chrome or Edge Chromium extensions may need to call out to Command Prompt to talk to other applications. If you don't have an extension that requires the ability to communicate with Command Prompt, we recommend that you Ringfence Chrome and Edge Chromium to prohibit communication with Command Prompt.
The default Google Chrome and Edge Chromium policies in ThreatLocker are set to block the ability of these browsers to call out to Powershell, RegSVR32, CScript, Command Prompt, and Forfiles. This prevents Chrome and/or Chromium from potentially launching other applications on your system, such as running a fileless malware attack.
However, suppose you use specific extensions, such as Password Boss, that need Chrome or Chromium to communicate with Command Prompt. In that case, you must edit the standard policy to allow for this communication.
Editing the Default Chrome or Edge Chromium Policy
Navigate to Application Control > Policies. Click the edit button (pencil icon) next to the policy that is interfering with the communication between your browser and Command Prompt (generally the policy closest to the top of your list).
Alternatively, you can reach the policy that is interfering by clicking the hyperlink located in the Unified Audit entry of one of the denied interactions, as shown below. Clicking the link will open the exact same policy edit window as using the edit button.
Scroll down to the Application Interaction tab. Select the 'X' next to Built-in/Windows Command Prompt (Built-in).
Click the 'Save' button in the top left.
Next, you will need to deploy policies. If this policy is for your organization, you can use the large 'Deploy Policies' button at the top of the main menu.
Alternatively, if this policy change is for multiple organizations, navigate to the Organizations page, select the checkbox next to the organizations that need this policy change, and then click the 'Deploy Policies' button at the top.
Before Ringfencing changes take effect, the application must be shut down and restarted. (e.g., shut down Chrome or Chromium)