02-09-2025 02:01 AM
Hi ,
when enabling the PowerShell Script Files in the Malware profile , after the save it's showing as Risk with this profile!
can some explained the why ? and was it useful to enable PowerShell Script Files in the Malware profile ?
thank you.
02-10-2025 07:17 AM
Hello @A.Alharbi095930
Thanks for reaching out on LiveCommunity!
Starting from release of XDR version 3.12, AI-powered powershell script file examination has been introduced. Since AI models require lot of data to learn and improve their findings hence the "At risk" banner is shown as a warning to test this feature on a small number of endpoints before going into full scale production environment. In this way you can avoid lot of false positive alerts and prevent accidental blocking of legitimate powershell scripts.
Please click Accept as Solution to acknowledge that the answer to your question has been provided.
02-10-2025 07:17 AM
Hello @A.Alharbi095930
Thanks for reaching out on LiveCommunity!
Starting from release of XDR version 3.12, AI-powered powershell script file examination has been introduced. Since AI models require lot of data to learn and improve their findings hence the "At risk" banner is shown as a warning to test this feature on a small number of endpoints before going into full scale production environment. In this way you can avoid lot of false positive alerts and prevent accidental blocking of legitimate powershell scripts.
Please click Accept as Solution to acknowledge that the answer to your question has been provided.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
