all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Microsoft Defender Incident Question

Add to bookmarks
May 22, 2023, 8:31 p.m. | /u/lrob1823

cybersecurity www.reddit.com

I’m investigating an incident in Defender and it has 2 alerts associated with it: 1) email reported by user as malware or phish 2) external user added. Is there a way to break these into 2 separate incidents because one of the alerts is true positive and one is a false positive. Managing the alert doesn’t manage the incident. I’ve tried to look this up on Microsoft but haven’t found anything about separating them. Any help would be appreciated. Thanks.

alert alerts cybersecurity defender email external false positive incident incidents malware microsoft microsoft defender phish question

Visit resource

More from www.reddit.com / cybersecurity

ArcaneDoor hackers exploit Cisco zero-days to breach govt networks 3 hours ago | www.reddit.com
arcanedoor breach cisco cybersecurity +5
Has anyone made it out of this field? 8 hours ago | www.reddit.com
cost cybersecurity don down +3
Unauthenticated privilege escalation in Horacius (Identity and Access Management) - CVE-2024-29417: a security software vulnerability … 9 hours ago | www.reddit.com
access access management cve cve-2024 +18
Are Level 1 & 2 SOC Analyst's becoming irrelevant positions? 10 hours ago | www.reddit.com
amp analyst current cybersecurity +11
How will the US ban Tiktok on a technical level? 13 hours ago | www.reddit.com
app apple app stores ban +15
Being used?? 14 hours ago | www.reddit.com
checkbox cyber cyber security cybersecurity +4
Are ISO 42001 and NIST AI RMF on Your Radar This Year? 14 hours ago | www.reddit.com
ciso cybersecurity frameworks industries +6
Qualys vs Nexpose vs Nessus 15 hours ago | www.reddit.com
cybersecurity eol experience found +14
Anyone with ADHD/ADD who's thriving in the field of cybersecurity? 17 hours ago | www.reddit.com
adhd cybersecurity suitable

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Regional Leader, Cyber Crisis Communications

@ Google | United Kingdom
View on infosec-jobs.com

Regional Intelligence Manager, Compliance, Safety and Risk Management

@ Google | London, UK
View on infosec-jobs.com

Senior Analyst, Endpoint Security

@ Scotiabank | Toronto, ON, CA, M1K5L1
View on infosec-jobs.com

Software Engineer, Security/Privacy, Google Cloud

@ Google | Bengaluru, Karnataka, India
View on infosec-jobs.com

Senior Security Engineer

@ Coinbase | Remote - USA
View on infosec-jobs.com
View more jobs