Sep 24 2024 08:44 AM
Hello,
I am trying to find out whether there is a way to suppress Defender for endpoint notification in Windows 10/11. The reason is that we run security testing regularly and I do not want to get end users disturbed by Defender notifications on their computers.
I was able to suppress alerts in "Microsoft Defender XDR > Rules > Alert tuning", but this only affect the alerts generated in Defender portal.
We use M365 E3 with M365 E5 Security
Thank you.
Sep 24 2024 02:51 PM
Sep 25 2024 12:34 AM
thank you @rahuljindal-MVP
was reading through the post, and correct me if I'm wrong, but this will block notification in general. So even a real threat notification will be blocked. What I try to achieve is that only the threats generated by our tests will be ignored. We have a folder (e.g. "C:\TESTING") where an agent is located that runs the tests....
Sep 25 2024 01:04 AM
Sep 25 2024 01:08 AM - edited Sep 25 2024 01:09 AM
the problem is that we run adversary emulations that runs modified malware etc... so lots of our testing is marked as "critical" by Defender. I need to disable notifications for the ones generated with our tests so that when, lets say a CEO is on a meeting, he is not getting multiple defender popups reporting threats...
The ones that are not triggered by our testing, I want them to work as usual -> defender notification will pop up
Sep 25 2024 06:31 AM
Sep 25 2024 06:34 AM