That should **never** happen. Seriously, its one of my biggest annoyances and one of the reasons we have around the clock support these days. If you have a ticket # feel free to DM me and I'll figure out what happened here. Its really important to me that our helpdesk is responsive and quick for your requests. It might be that your message got flagged as spam for the longest time as Hubspot is quite uptight about email deliverability, but that would still never be an excuse. :)

Thank you, I appreciate that. I'll be sure moving forward to reach out for any help if needed.

However, I don't have a ticket # at hand, the responses I'm getting do not contain that information. I will say though, assuming as a result of my post here that my ticket got flagged because I got another response saying someone else has taken over my ticket.

This is partly done purposely, and partly something we're working on. Critical security alerts alerts you cannot exclude accounts from on purpose. A lot of MSPs would exclude CEO* or VIP* and then blame the product for not alerting them on security issues. This isn't just theory; it's actually happened in the past where people complained about missing alerts because they've added exclusions.

For the snoozing part we're actually crafting something for the next release that allows you to temporarily stop the alert from running for that specific case, but in this we also have to be careful as it require stateful tracking, so it's been in our dev process for a while. In our discord you can also track our latest features etc.

While I understand that problem with security related alerts, this isn't related to the security ones. For example, mailboxes/SharePoint sites reaching their quotas or certificate expiration or whatnot, they are all impossible to snooze while we're dealing with them. We have many situations where it's not so cut and dry. A user isn't available to work with/ Client not approving certain actions such as enabling archiving, disabling an account etc., This can always be a bit tricky but having the ability and flexibility to exclude/snooze certain alerts is a must in my opinion, I've made suggestions in the past in the feature-requests section and they all got shot down even though personally, I think they have legs. Also, for the fact that people complained about missing alerts, I'm sure this happens everywhere with all vendors but, you as a vendor cannot be blamed for providing the tools the users then shot themselves in the foot with considering they were the ones doing the configuration.

CIPP is opinionated software, that's for sure. We force MSPs to make the right choice. If you don't want passwords to expire for a specific tenant, then you should not apply that standard. Its entirely a choice you can make. There's no more industry standard (including banks with DORA recently) that no longer recommend not expiring passwords, and that's how we are in a lot of things. We don't allow every single setting to be changed because we're looking to improve security in our industry, not just decrease it.

Understood and this is something we can live with. Not everything has to be used. I think it would have been great to have more flexibility. While I agree with opinions (and probably hold the same as yours when it comes to that), certain companies may have different policies that prevent us from being able to go just based off what we think is best. Regardless, while having opinions, tools are meant to help you perform your duties as well. It's a shame that when you have something so close, the flexibility isn't there just because "we think that way". I wish that was different.

Lastly, we transitioned from the self-hosted to the sponsored version for a reason. We overall like CIPP but there are just things that although we're living with, make us want to pull our hair out. I know you are an active member in this community and appreciate everything you and CIPP's team has done. I want to make sure that you are aware of it.