Views:

Override the configured policy settings for selected endpoints.

Important
Important
Data Security Sensor is a "Pre-release" feature and is not considered an official release. Please review the Pre-Release Disclaimer before using the feature.
Overriding some features might impact your credit usage. Verify your selection before applying overrides. For more information, see Credit requirements for Trend Vision One solutions, capabilities, and features.
Policy overrides provide the capability to manage configuration differences on specifically selected endpoints in your security environment. Overrides can be used to temporarily enact more strict monitoring of endpoints targeted by an attack, or to better tailor security settings for individual endpoints.
To manage policy overrides, select one or more endpoints. Then click Endpoint security policy and select one of the following options:

Option
Description
Override settings
Override endpoint security policy
Override certain settings configured by the applied endpoint security policies
The overrides remain in place until you remove the overrides. Currently, only Endpoint Sensor related features and settings support overrides.
  • XDR for Endpoints (EDR): Enable or disable the XDR sensor feature
    Important
    Important
    Enabling this feature disables Activity Monitoring on agents managed by Server & Workload Protection. For more information, see Automatic disabling of Activity Monitoring after updating to Server & Workload Protection
  • Data Security Sensor: Enable or disable the Data Security module feature
  • Advanced risk telemetry: Enable or disable analysis for Cyber Risk Exposure Management features
Remove override settings
Removes override settings configured by using the Override endpoint security policy action
This only effects overrides implemented using the feature in Endpoint Inventory. This does not remove endpoint overrides configured in Server & Workload ProtectionComputers.
Confirm your selection and click Remove Override.
Remove Intrusion Prevention endpoint overrides
Removes endpoint overrides for Intrusion Prevention configured in Server & Workload ProtectionComputers
This action removes any overrides in Intrusion Prevention and resets the agent to using the configuration in the assigned policy. Depending on the configured policy and overrides, this action might impact your credit usage and requirements. The following features impacted by this action are Endpoint Security Pro features:
  • Intrusion Prevention rules with the Rule Availability type of Workload
  • Recommendations and recommendation scan
Confirm your selection and click Remove Intrusion Prevention overrides.