Forum Discussion
MDE repeatable false positive "Multi-stage incident involving Privilege escalation..." How to fix?
Anyone else seeing this? It always has 57 alerts, too, and the Detection source is always 'Custom TI' and always at the same time in the morning. Doesn't matter if the machine is managed, AD joined, ...
