Forum Discussion

HKN's avatar
HKN
Copper Contributor
Jan 16, 2025

Whitelisting Pentesting tools

Hello everyone.
I'm coming to you with a question that I think is pertinent.
We use a pentesting tool in our environment.
It generates a lot of incidents and alerts in Microsoft Defender. We have

on-prem accounts (one user, one admin) so that the tool can perform this pentesting.
Do you have any ideas on how to whitelist incidents linked to this user, these actions or the node machine he uses to initiate connections? So that it no longer generates or the incidents linked to these activities are automatically resolved.

Thank you for your help.

HKN

 

No RepliesBe the first to reply

Resources