# Anti-Virus Configuration

Due to the deeply integrated nature of the Twosense agent software, heuristic analysis from anti-virus engines may erroneously classify components of it as malware. If this happens, the anti-virus may attempt to quarantine the software and cause issues with the machine.

If your organization uses an endpoint protection solution or other form of anti-virus, please allow-list the following paths to prevent issues. Refer to your vendor's documentation on how to properly exempt paths from detection and quarantine.

* `C:\Program Files\TWOSENSE.AI\*`
* `C:\Windows\system32\drivers\kbfiltr.Sys`
  * This driver is a keyboard filter which allows the Twosense agent to capture typing behavior during Windows login. To verify its authenticity, you may check the digital signature — it should be signed by Microsoft.

Additionally, outgoing connections to the following hosts should be allow-listed. (If you are given a different list of hosts by your Twosense account manager, use that one instead.)

* `api.twosense.ai`
* `app.twosense.ai`
* `webapi.twosense.ai`
* `manager-approval.twosense.ai`
* `sentry.twosense.ai`
* `o386114.ingest.sentry.io`
* `logs.us-east-1.amazonaws.com`
* `monitoring.us-east-1.amazonaws.com`
* `api.mixpanel.com`
* `radius.twosense.ai`