Anti-Virus Configuration

Learn how to explicitly allow Twosense software in your anti-virus solution to avoid issues.

Due to the deeply integrated nature of the Twosense agent software, heuristic analysis from anti-virus engines may erroneously classify components of it as malware. If this happens, the anti-virus may attempt to quarantine the software and cause issues with the machine.

If your organization uses an endpoint protection solution or other form of anti-virus, please allow-list the following paths to prevent issues. Refer to your vendor's documentation on how to properly exempt paths from detection and quarantine.

  • C:\Program Files\TWOSENSE.AI\*

  • C:\Windows\system32\drivers\kbfiltr.Sys

    • This driver is a keyboard filter which allows the Twosense agent to capture typing behavior during Windows login. To verify its authenticity, you may check the digital signature — it should be signed by Microsoft.

Additionally, outgoing connections to the following hosts should be allow-listed. (If you are given a different list of hosts by your Twosense account manager, use that one instead.)

  • api.twosense.ai

  • app.twosense.ai

  • webapi.twosense.ai

  • manager-approval.twosense.ai

  • sentry.twosense.ai

  • o386114.ingest.sentry.io

  • logs.us-east-1.amazonaws.com

  • monitoring.us-east-1.amazonaws.com

  • api.mixpanel.com

  • radius.twosense.ai

Last updated