Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Communication with suspicious random domain name (Preview) false positives

Copper Contributor

For the "Communication with suspicious random domain name (Preview)" incident detection, we're seeing 100% false positives from Chrome contacting three random domain names at each startup (see https://mikewest.org/2012/02/chrome-connects-to-three-random-domains-at-startup/, http://crbug.com/18942).  Is there any way to suppress these based on Chrome's behavior?  It tries to contact www.[random].com, plus [random].domain.com for each configured search domain.  Thanks.

0 Replies