Devo Exchange has released the new SecOpsAuthAuthorizedAccess Lookup. It adds more whitelisting functionality to your Devo Detections from the Security Operations application by allowing them to reference a list of permitted hosts, their associated users, and zone information within your authentication services. This can be used to help carve out certain hosts and users that need to be whitelisted from everyday alerts - helping to lower your false positive rate when properly configured and can help make your alerts more actionable.
Learn more from our Documentation page
