After all the years that I have been dealing with SEP they still do not have a good/clean way of excluding EXE's. You can add EXE's but only as an application to monitor. Why can't you just add the name of the EXE and create the exception ? This to me would seem like the EASIEST thing to do.
I work in the telecom industry which uses some custom applications not normally seen the wild. I would like to be able to see in my console on the main page "Newly Infected" . . click on the detection, detrmine if the EXE is legit or not and be able to select to add that to the exclsuion list, and also select for ALL users as for many apps the path changes based on the user profile.
The fact that this funtionality is not there yet somewhat puzzles me. Webroot, I can just add the EXE or the SHA etc. I use both technologies but would like to see SEP become more admin friendly to be able to more easily keep my console clean. If developers are looking for new features to bring to the table that will actually make a difference for admins this would be it and it's been missing for a long time.
CP
ps. I hate the color scheme on the new SEP 14.x console. VERY difficult to read !!! That is all . . . .