Crowdstrike Endpoint integration
12-17-2024 01:59 PM
Is there any other way to filter the endpoint alerts that come in so that security incidents are only created for certain alert types, besides altering the scripts?
Are there alert rules or something we can configure to get this to work without updating the scripting?
Are there rules that can be configured to deduplicate endpoint alerts as well, to prevent incidents being created when multiple alerts come in with the same threat/same host?
0 REPLIES 0