Whitelisting App Results

Whitelisting allows you to customize your result view to each customer

While there are many use cases for excluding detections from the results, the most common customer request was the ability to still detect a specific Suspicious/Malicious finding and exclude it when it meets given criteria.

Whitelisting can be performed at the MSP, Customer, or Device levels.  Each level inherits changes from higher levels.  

So a whitelist made at the MSP level will affect all Customers, and one made at the Customer level will apply to all of that Customer's devices.


Suppose you have your network admin devices in RocketCyber. netstat is a perfectly valid tool for them to use, and you do not want to see notifications about it. The whitelist can remove existing results and prevent future results of that type from being reported.

  1. Go to the customer to which you added your networking devicesScreen_Shot_2021-02-24_at_9.02.36_PM.png
  2. Since this particular notification is in Advanced Breach Detection, go to that app and select at least one of the checkboxes next to a result for netstat. 
  3. Click the Action button at the bottom-right, and select Add to Whitelist
  4. Select the checkbox(es) for what you would like to whitelist.
  5. If you want to remove existing records as well as preventing new ones, select the checkbox in the bottom-right labeled Remove Existing Records.
  6. Click Add 


This type of whitelisting is available for most RocketCyber apps.  See Custom Whitelisting or Whitelisting and App Triage for more information on whitelisting possibilities.

Keep in mind when performing a white list configuration at the MSP root level account when you login applies this across all managed customers.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us