Policy

In the Policy section, you can:

• Configure automatic response when Infinity XDR Extended Detection & Response/XPR Extended Prevention & Response detects an IoC with a specified severity. See Automations.

• Save queries as a rule Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session. to generate Infinity XDR/XPR incidents when a Threat Hunting event matches the rule. See Custom Rules.

• Configure exclusions for assets, artifacts and insights that are not malicious. See Exclusions.