Add Threat To Exclusions - Blink Documentation

Add a threat to exclusions. The “whitening option” is required. When you create an exclusion, you override the “malicious” verdict of the agent for a detection. This can open holes in your security deployment. We recommend using this action with caution.

Parameters

Parameter	Description
Target Scope	Scope to be used for restrictions.
Threats IDs	List of threats IDs to add to exclusions.
Type	Selected Exclusion type.

Example Output

{
	"errors": [
		{
			"type": "object"
		}
	],
	"data": {
		"affected": "integer",
		"details": [
			{
				"analystVerdict": "updated",
				"result": "created",
				"threatId": "225494730938493804"
			}
		]
	}
}

Workflow Library Example

Add Threat to Exclusions with Sentinelone and Send Results Via Email

Preview this Workflow on desktop

Integrations

​Parameters

​Example Output

​Workflow Library Example

Parameters

Example Output

Workflow Library Example