deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 14:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update defender-endpoint-false-positives-negatives.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT 2021-01-15 11:38:36 -08:00
parent 593e88abae
commit b4a2125bc0
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md
View File

@ -137,6 +137,12 @@ Your security team can create indicators for files, IP addresses, URLs, domains,
## Classify a false positive or false negative ## Classify a false positive or false negative
As alerts are triggered, if you see something that was detected as malicious or suspicious that should not be, you can suppress alerts for that entity and classify alerts as false positives. Managing your alerts and classifying false positives helps to train your threat protection solution. Taking these steps also helps reduce noise in your security operations dashboard so that your security team can focus on higher priority work items.
### Suppress an alert
### Classify an alert as a false positive ### Classify an alert as a false positive
Your security team can classify an alert as a false positive in the Microsoft Defender Security Center, in the Alerts queue. Your security team can classify an alert as a false positive in the Microsoft Defender Security Center, in the Alerts queue.