How do you manage the different meeting systems download apps?
Sndblast keep alerting in logs as detected but with Severity=Low and Confidence Level=N/A
SandBlast Agent Threat Emulation has detected access to: C:\Users\USERNAME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XXUF8VS0\G2MCoreInstExtractor.exe. See attached report
I am thinking of changing the "Blade Activition" policy setting for the Anti-Bot agent to ignore Confidence Level=Low. Today it is detect on Low and prevent on High and Medium.
Is a change like that safe, or is it better to keep it as is an filter the events, logs and reports?