Verify if path selected in file system policy still exist

What is a one sentence summary of your feature request?

New functionality that verify if paths used in file system policies still exist

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

With multiple policies on File Systems that are tracking over changes on specific paths its hard to constantly do verification if there were no changes in environment on selected path. Sometimes there might but intentional or unintentional name change in path, path that was monitored no longer exist. In all those cases Threat Prevention does not alert about it, changes are just no longer tracket cause path no longer exist.

It would be great if for example Threat Prevention would run special task on schedule that would test for each path that is used in policy if it still exist, and return notification or alert when this task return false for any path.

How do you currently solve the challenges you have by not having this feature?

No workaround solution was implemented yet to solve this problem.

Hi! Thanks for the suggestion, we’re discussing implementation options and we’re thinking maybe a utility run on-demand opposed to an automatic process. Otherwise, this could cause a lot of noise in scenarios where the policies are not cleaned up.

This utility would be able to be run with a scheduled task if configured, but not by default. The utility would then create alerts on policies that have objects that no longer exist (file system paths as well as AD objects).

Does this sound like it would solve the issue you’re describing?