Submit a revision about false positive malware in Cortex

Reply
Highlighted
L0 Member

Submit a revision about false positive malware in Cortex

Hi,

Before in Traps Management Services, I was able to report a false positive hash to WildFire for revision.

How can I do that in Cortex ?

 

Thank you.

Highlighted
L2 Linker

Hello @CJP-PALOALTO I find that if you open up the specific Incident, in the Key Artifacts area, there should be the file itself and then under the Threat Intelligence there is "WF Benign" or "WF Malicious" (for example) and near it an icon that allows you to click and present the Wildfire Report.  From there select the icon on the top right corner of the WF Analysis Report screen and should present workflow to "Report Verdict as Incorrect". (see screenshot for details)
Hope this helps and I didn't misunderstand what you are requesting.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!