This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Cortex XDR False Positive Report

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Cortex XDR False Positive Report

york
L0 Member

‎11-27-2024 12:14 AM

Hello everyone,

We develop some applications and our customer told us when they install the application, it gives a malicious warning for a sub installer "gcad_local.exe". Is it possible to submit the file to Cortex XDR and add it to whitelist in some way?

Cortex XDR 

Cortex XDR
Thumbnail of Cortex XDR
Palo Alto Networks
Cortex XDR
Security Operations
View on Product Page
0 Likes Likes
2 REPLIES 2

york
L0 Member
In response to john589dane

‎11-27-2024 12:29 AM

Hello Sir, thanks for your reply! However, this applicaiton will also be used among other customers who also use Cortex XDR on their machine. I am afraid they will still meet same error and think there is a virus with our application. Is there a way to submit it to paloalto to scan the file, so that this application will not be blocked by any Cortex XDR users anymore? 

0 Likes Likes

nar
L2 Linker
In response to york

‎11-27-2024 10:54 PM

Hi @york 

To answer this, we first need to understand what module is blocking it, Is it Wildfire or Local analysis or something else and based on that the exceptions work.If you are looking to analyze an .exe file then we have Wildfire engine from which CortexXDR Auto upload/analyze/compare and pull the verdicts from.
Ref - https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Documentation/WildFire-analysis-con...

If you want to manually do this analysis on a file then this is the portal link - https://docs.paloaltonetworks.com/advanced-wildfire/administration/configure-advanced-wildfire-analy...


Give it a like & mark this as solution if this answered your query.
 
 
 
0 Likes Likes
  • 131 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks