Oct 27 2021
For the "Communication with suspicious random domain name (Preview)" incident detection, we're seeing 100% false positives from Chrome contacting three random domain names at each startup (see https://mikewest.org/2012/02/chrome-connects-to-three-random-domains-at-startup/, http://crbug.com/18942). Is there any way to suppress these based on Chrome's behavior? It tries to contact www.[random].com, plus [random].domain.com for each configured search domain. Thanks.