If you get a threat that you know is not malicious, you can add it to the Allow List so that it is no longer reported as a threat. This will help reduce distractions by preventing false positives in the future. If you decide the threat may be malicious later, you can also remove the threat from the Allow List.
When you add a threat to the Allow List, you're adding the threat's Hash to the list. A threat on the Allow List is allowed for all endpoints in the site where you allowed the threat.
To set up the Allow List, you can:
- Add threats to the Allow List
- Filter the Allow List Page
- View details of threats on the Allow List
- Remove a threat from the Allow List
To add a threat to the Allow List
- In Barracuda XDR Dashboard, click Intelligence > Endpoint Security.
- In the All Threats table, click the row of the threat you want to add to an Allow List.
- In the top right corner, click Add to Allow List.
- Click Confirm.