Endpoint Protection

Paul Mal posted Aug 12, 2025 02:19 PM

I'm seeing the same thing.

Broadcom Employee Russ_V posted Aug 14, 2025 04:46 PM

Guido Janssen,

Thanks for using the Broadcom Community!

Yes, you are correct!  Detections with "ACM" at the start of the detection name are associated with our Adaptive Protection technology. 

For ALL options involving Adaptive Protection "tuning" see this link: 
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-security/sescloud/Using-Adaptive-Protection/Behavioral-Isolation-Heat-Map.html

In the case, the application is trusted and you need to add an Adaptive Protection exclusion refer to this link for the steps: 
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-security/sescloud/Using-Adaptive-Protection/creating-custom-exceptions-for-adaptive-protection.html

If you require further assistance beyond the above, kindly open a case with Broadcom Support and we'll take a look into this behavior and provide our suggestions.

Thanks,

Russ_V

Broadcom Employee Russ_V posted Aug 14, 2025 06:16 PM

Guido Janssen, 

Thanks for using the Broadcom Community! 

In response to your query, yes the "ACM" specific detections are referring to Adaptive Protection detections. 

For more information regarding the options available to "tune" your Adaptive Protection policy see here. 

In the case you want to create Adaptive Protection exclusions see here.

If you need guidance on how to do either of the above, kindly open a case with Support for assistance. 

Best,

Russ_V