Microsoft Defender
- Navigate to Settings > Microsoft Defender XDR > Alert tuning. Create a new rule for alert tuning
(
Triggering IOC of type "File" with the following conditions:
Folder path equals *\*Program Files\Prelude Security\Prelude Probe\*
)
OR
(
Triggering IOC of type "File" with the following conditions:
Folder path equals /Library/PreludeSecurity/.vst/*
)
OR
(
Triggering IOC of type "File" with the following conditions:
Folder path equals */preludesecurity/*
)
-
For each rule, set “Entity Role: Trigger” to equal the file and folder path of each supported OS.
Updated 10 months ago