Overview

In some cases, an Anti-Virus (AV) or EDR solution might interfere with the Cloud Secure Edge (CSE) app because of how they interpret the app's behaviour during installation or runtime. EDR and AV tools can flag behaviour that resembles attacks: since the CSE app is running background services, creating and modifying system files, intercepting network traffic, and maintaining a persistent connection to a cloud service, these actions can signal suspicious behaviour, especially if the EDR/AV tool doesn't recognize the signing certificate or publisher.

Allow-listing the CSE app in your AV/EDR tool informs the tool that the CSE app software can be trusted and should be ignored during scans or behavioural analysis. This guide lays out the specific CSE app binaries for each OS that you can use to allowlist the app in your org's AV/EDR solution.