Add Threat To Exclusions
Add a threat to exclusions. The "whitening option" is required. When you create an exclusion, you override the "malicious" verdict of the agent for a detection. This can open holes in your security deployment. We recommend using this action with caution.
Parameters
| Parameter | Description |
|---|---|
| Target Scope | Scope to be used for restrictions. |
| Threats IDs | List of threats IDs to add to exclusions. |
| Type | Selected Exclusion type. |
Example Output
{
"errors": [
{
"type": "object"
}
],
"data": {
"affected": "integer",
"details": [
{
"analystVerdict": "updated",
"result": "created",
"threatId": "225494730938493804"
}
]
}
}
Workflow Library Example
Add Threat to Exclusions with Sentinelone and Send Results Via Email
Preview this Workflow on desktop