The recently installed EDR module is causing alerts constantly on a BitDefender agent .exe file which is causing a lot of noise for the analists. How would I whitelist a specific file found on my endpoints?
Hi Rob, spoke on Wednesday to your guys. Should be all set up now.
You have to edit App Rules in your decoder. For example, you can add filename.src != ’BitDefender.exe’ Regards,