
Behavioral detection rules give you greater control over how you manage EDR behavioral detections.

This feature allows you to customize detection levels to increase your protection or reduce alert noise as needed.

Customizable Detection Levels

You can now choose a detection level for your behavioral detections.

  • Cautious (Default): Focuses on the most serious threats to minimize false positives.
  • Moderate: Casts a wider net to catch more potential threats.
  • Aggressive: Provides comprehensive coverage with maximum sensitivity for a high-alert environment.

Rule Groups

Detections are now organized into eight distinct categories. You can set the detection level globally or for each group individually, from Discovery and Information Gathering to Privilege Escalation and more.

Rule Exceptions

For rules that don't target highly malicious behavior, you can now create exceptions to disable specific rules that generate excessive alerts.

This feature is available within the threats section for customers who have Endpoint Detection and Response enabled.

For more information, see our support article.
