Skip to content

Commit 9955611

Browse files
mchandran27mchandran27
authored
Update indicators-overview.md
1 parent e0f26ce commit 9955611

File tree

1 file changed

+2
-0
lines changed

1 file changed

+2
-0
lines changed

defender-endpoint/indicators-overview.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -155,6 +155,8 @@ The IoC API schema and the threat IDs in advance hunting are updated to align wi
155155
> File and certificate indicators do not block [exclusions defined for Microsoft Defender Antivirus](/windows/security/threat-protection/microsoft-defender-antivirus/configure-exclusions-microsoft-defender-antivirus). Indicators are not supported in Microsoft Defender Antivirus when it is in passive mode.
156156
>
157157
> The format for importing new indicators (IoCs) has changed according to the new updated actions and alerts settings. We recommend downloading the new CSV format that can be found at the bottom of the import panel.
158+
>
159+
> If indicators are synced to the Indicator in the MDE portal from MDCA sanctioned/unsanctioned applications, the 'Generate Alert' option will be enabled by default in the MDE portal. If you try to uncheck the 'Generate Alert' option in MDE, it will be re-enabled after some time as the MDCA policy will override it.
158160
159161
## Known issues and limitations
160162

0 commit comments

Comments
 (0)