Overview
To better identify the riskiest file activity in your environment, file categories were updated in June of 2023. As a result, you may need to update some of your alert rules. This article describes the changes and how to determine if you need to update alert rules.
File category updates
Below is a list of the file categories that have changed. For a full list of file categories with example file extensions, see Incydr file categories.
Document
Some files that were previously categorized as documents may now be categorized as one of the following:
- Research and technical documents
- Mechanical design files
- Microsoft proprietary data
- Diagram
- Graphic design
- Chemical
Image
Some files that were previously categorized as images may now be categorized as one of the following:
- Graphic design
- Medical imagine
- Mechanical design files
- Diagram
Source code
Some files that were previously categorized as source code may now be categorized as one of the following:
- Graphic design
- Research and technical documents
Video
Some files that were previously categorized as video may now be categorized as one of the following categories:
- Graphic design
Impact to alert rules
If you have alerts configured with the file categories that were updated, review your alert rules to ensure they are configured as intended, given the changes. For example, if you have an alert rule configured to alert on web development and design files, the rule is likely configured with Source code. Update this rule to use the Web development and design category.