cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MCAS

Dinesh_Kumar199589
Copper Contributor

‎Jan 26 2022 08:30 PM

‎Jan 26 2022 08:30 PM

MCAS

We are getting lot of false positive alerts for Malware Detection

798 Views
0 Likes
1 Reply
Reply
1 Reply
JaredPoeppelman

‎Feb 15 2022 05:37 PM

‎Feb 15 2022 05:37 PM

Re: MCAS

@Dinesh_Kumar199589 

 

To reduce false positives from MDCA built-in threat detections:

 

  1. First, ensure you have entered your organization's IP address ranges to tell MDCA more about your VPN and corporate IP ranges.  Note that if your corporate egress IPs are also used for egress of VPN clients, then that IP address/range should be categorized as VPN.  More info: Set IP ranges and tags | Microsoft Docs  
  2. Second, ensure that you follow the recommended investigation and feedback mechanisms for the built-in detection alerts.  Feeding back into these detections with the TP, B-TP, and FP information will improve the quality of detections. Defender for Cloud Apps anomaly detection alerts investigation guide | Microsoft Docs 

 

0 Likes
Reply