Command Filters

Command Filters is a security feature of the Access Broker that allows precise control over which shell or terminal commands are permitted or denied during a secure remote session. It operates by intercepting commands issued by the user and evaluating them against configured allow or deny rules using regular expressions. In addition, the feature supports command path enforcement, ensuring that only trusted binaries from approved directories are executed.

Command Filters enable organizations to enforce strict operational controls over remote administrative sessions, mitigating the risk of accidental or malicious execution of sensitive or harmful commands. By filtering commands and enforcing binary paths, the feature strengthens endpoint protection in high-security environments.

To learn more about the Command Filters feature, its use-cases and configuration, please see our Command Filters overview and Configuration guide.