We use the SEP suite throughout our organization (medium sized software dev organization), but we are recieving some feedback from Engineering concerning the performance impacts of SEP. I’m hoping I can get some guidance on how to configure SEP for minimal impact of our typical development use cases without compromising the safety that we get from SEP.
Our development process relies heavily on git and java. Java is a bit of a special case so first we can look at git.exe. On a windows 10 machine it takes a factor of 10 longer to process a git command then it does on the same machine with SEP. However, we have added git.exe to the whitelist, in addition to whitelisting the folder git is operating on, so I’m unsure what might still be impacting the operation. When I introspect the git process, I can see “SYSFER.DLL” in the call stack so I know SEP is involved, I just can’t quite figure out why. Any help would be appreciated.
The second process is Java which requires special attention. Since java can dynamically load and execute malicious code we can’t safely whitelist java.exe. Is there a suggested method for whitelisting a particular specific java.exe or specific java “JAR” files (which as I understand have the executable code in them)?
Finally, what is the best way for me to tell that the processes and files that I have whitelisted are not being scanned or impacted by SEP. For example when I whitelisted git.exe there was no change in the performance but I can’t really tell what SEP is doing. I just know it is still slow.