Microsoft Defender - Fine tuning the alerts

%3CLINGO-SUB%20id%3D%22lingo-sub-2148912%22%20slang%3D%22en-US%22%3EMicrosoft%20Defender%20-%20Fine%20tuning%20the%20alerts%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2148912%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20have%20MAC%20OS%20workstations%20which%20are%20integrated%20with%20Defender%20ATP.%3C%2FP%3E%3CP%3EOne%20Particular%20genuine%20bash%20script%20is%20running%20frequently%20in%20all%20the%20machines%2C%20those%20activity%20alerting%20as%20%22Suspicious%20Base64%20decoding%22.%20tried%20to%20suppress%20those%20particular%20alert%26nbsp%3B%20but%20no%20luck.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20best%20way%20to%20fine%20tune%20one%20particular%20script%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

We have MAC OS workstations which are integrated with Defender ATP.

One Particular genuine bash script is running frequently in all the machines, those activity alerting as "Suspicious Base64 decoding". tried to suppress those particular alert  but no luck.

 

Any best way to fine tune one particular script?

0 Replies