- Navigate to Settings > Microsoft Defender XDR > Alert tuning. Create a new rule for alert tuning
( Triggering IOC of type "File" with the following conditions: Folder path equals *\*Program Files\Prelude Security\Prelude Probe\* ) OR ( Triggering IOC of type "File" with the following conditions: Folder path equals /Library/PreludeSecurity/.vst/* ) OR ( Triggering IOC of type "File" with the following conditions: Folder path equals */preludesecurity/* )
-
For each rule, set “Entity Role: Trigger” to equal the file and folder path of each supported OS.
