on 9/22/22 cis auto containment started blocking node.js scripts when ran using command npm run “name” but adding rules in the auto containment to allow npm and node.js doesnt seems to work at all. logs in containment events include;
Date & Time | Application | Status | Action | Rating | Contained by | Parent process path | |
2022-09-24 12:37:33 | C:\Users\matth\AppData\Local\Temp\dev-7a0a4063.cmd | running | Run Virtually | Unrecognized | Containment Policy | C:\Program Files odejs ode.exe | |
2022-09-24 12:37:33 | C:\Program Files odejs ode.exe | running | Run Virtually | Trusted | Contained Process | C:\Windows\System32\cmd.exe | |
2022-09-24 12:37:33 | C:\Windows\System32\cmd.exe | running | Run Virtually | Trusted | Contained Process | C:\Program Files odejs ode.exe | |
2022-09-24 12:37:33 | C:\Windows\System32\cmd.exe | completed | Run Virtually | Trusted | Contained Process | ||
2022-09-24 12:37:33 | C:\Program Files odejs ode.exe | running | Run Virtually | Trusted | Contained Process | C:\Program Files odejs ode.exe | |
2022-09-24 12:37:29 | C:\Users\matth\AppData\Local\Temp\dev-a7e85c9a.cmd | completed | Run Virtually | Unrecognized | Containment Policy | ||
2022-09-24 12:37:29 | C:\Program Files odejs ode.exe | completed | Run Virtually | Trusted | Contained Process | ||
2022-09-24 12:37:29 | C:\Program Files odejs ode.exe | completed | Run Virtually | Trusted | Contained Process |