We have introduced an enhancement to suppression logic that makes managing accepted behavior more efficient and accurate.
As a reminder, a key detection is one which, on it’s own, would produce a new BCD (Broad Context Detection). A suppressed key detection indicates that the respective behavior has been suppressed by an existing suppression rule.
What’s New?
Easily View Suppressed Detections
When a key detection is suppressed, it is now marked with a distinctive symbol in the BCD. This means you can easily tell which key detections have been suppressed by existing rules.
No More Duplicate Rules
When suppressing a new BCD that includes previously suppressed key detections, this helps avoid reconfiguring rules for already suppressed key detections.
Improved Rule Limit Handling
The existing limit of 5 key detections per suppression rule now excludes already suppressed key detections, giving you more flexibility when creating new rules.
Why It Matters
This update reduces noise, prevents duplication, and ensures accepted behavior is handled consistently and automatically — saving time and improving clarity in your detection management.