Forum Discussion
HKN
Jan 16, 2025Copper Contributor
Whitelisting Pentesting tools
Hello everyone.
I'm coming to you with a question that I think is pertinent.
We use a pentesting tool in our environment.
It generates a lot of incidents and alerts in Microsoft Defender. We have
on-prem accounts (one user, one admin) so that the tool can perform this pentesting.
Do you have any ideas on how to whitelist incidents linked to this user, these actions or the node machine he uses to initiate connections? So that it no longer generates or the incidents linked to these activities are automatically resolved.
Thank you for your help.
HKN
No RepliesBe the first to reply