Forum Discussion
Jili
Jan 20, 2025 | Copper Contributor
Custom critical filter for EDR/XDR
Hello everyone, I would like to ask if somebody is trying to make a unique "critical" filter for alerts/incidents that need to be done as fast as possible? We have many high alerts and we are ...
Jili
Feb 05, 2025 | Copper Contributor
Thank you for the answers. It's not for vulnerabilities, so I think CVE wouldn't help us with that.
It's for malware, ransomware, etc., because the highest category for alerts that MS Defender uses is High, and that is the reason why I'm trying to make a custom alert, aiming to be like "Critical".
I'm trying to use keywords for ransomware, which I treat as critical, but I don't know if somebody has found something better that could fit me well.
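
The keyword approach described in the post above, sketched as a Defender XDR advanced hunting query (an added example, not part of the original post or of any Microsoft-provided rule). It assumes the standard `AlertInfo` and `AlertEvidence` tables; the keyword list, the 7-day window and the `CustomSeverity` column are constructed for illustration, and the `Category` value should be checked against what your tenant actually emits.

```kql
// Added example: tag High-severity alerts as a custom "Critical" tier.
// CriticalKeywords is a constructed list; tune it to the alert titles you see.
// has_any matches whole terms, so "ransom" does not match "ransomware".
let Lookback = 7d;
let CriticalKeywords = dynamic(["ransomware", "ransom", "encryption"]);
AlertInfo
| where Timestamp > ago(Lookback)
| where Severity == "High"                        // highest built-in level
| extend KeywordHit  = Title has_any (CriticalKeywords)
| extend CategoryHit = Category =~ "Ransomware"   // assumption: verify in your tenant
| where KeywordHit or CategoryHit
// Attach affected devices so the on-call analyst sees scope immediately.
// leftouter keeps alerts that carry no device evidence.
| join kind=leftouter (
    AlertEvidence
    | where Timestamp > ago(Lookback)
    | where isnotempty(DeviceName)
    | summarize Devices = make_set(DeviceName) by AlertId
  ) on AlertId
| extend CustomSeverity = "Critical"              // hypothetical label, not a Defender value
| extend MatchedOn = case(KeywordHit and CategoryHit, "title+category",
                          KeywordHit, "title",
                          "category")
| project Timestamp, AlertId, Title, Category, ServiceSource,
          Devices, MatchedOn, CustomSeverity
| order by Timestamp desc
```

Matching on `Category` as well as the title catches ransomware alerts whose titles do not contain any of the keywords, and `MatchedOn` shows which condition fired when you tune the list.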