The original post: /r/cybersecurity by /u/Dubai-NFTs on 2024-07-04 06:29:48.

I receive tons of SIEM alerts daily for service installation or service creation, and a bunch of others, which are basically performed by Windows machine accounts (xyz$ accounts). What is your strategy for dealing with these alerts? Can I whitelist all the activities performed by Machine Accounts?