I have enabled Applocker in audit mode and created both Publisher and DLL rules for most applications, but now on my audit logs i am getting .api files comming through via DLL Policy e.g:
%PROGRAMFILES%\ADOBE\READER 11.0\READER\PLUG_INS\IA32.API was allowed to run but would have been prevented from running if the AppLocker policy were enforced.
as you cant create .api rules how can i allow api files without creating a path rule?
Please help