Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

User + Server exclusions

Copper Contributor

Following a recent deployment of Advanced Threat Analytics (ATA) my client is getting "Remote execution attempt detected" alerts for their Veeam backup service account against several servers. This is a known service account and they would like to exclude the alert for this activity for just this user account. However ATA only provides an option to exclude the server. 

 

Do we know if providing the ability to exclude both a specfic user and server is on the ATA roadmap?

0 Replies