AnsweredAssumed Answered

Whitelist false positive in Endpoint ESA Rules

Question asked by Jeremy Kerwin on Feb 15, 2021
Latest reply on Feb 26, 2021 by Jeremy Kerwin

We have a poorly coding internal application that keeps triggering the Endpoint ESA rule 'unsigned outbound from temp directory'

 

What would be the best way to whitelist this so it doesn't keep showing up in alerts in the respond module?

Outcomes