Forum Discussion
JasonCohen1892
Mar 26, 2021Microsoft
New Blog Post | Detecting who is changing Alert Suppression rules in Azure Defender
Detecting who is changing Alert Suppression rules in Azure Defender - Microsoft Tech Community
There are some scenarios in which the alert that you are receiving in Azure Defender could be a false positive for your environment. If you want to avoid receiving that specific alert, you can create an alert suppression rule. Although the alert suppression is a feature that can be used to optimize your experience, it can also be used with malicious intent in case a user wants to evade detection. To create or delete alert suppression rules, you need to be Security admin or Subscription Owner. If you just need to view the rules, you need to be Security reader or Reader.
No RepliesBe the first to reply