Before in Traps Management Services, I was able to report a false positive hash to WildFire for revision.
How can I do that in Cortex ?
Hello @CJP-PALOALTO I find that if you open up the specific Incident, in the Key Artifacts area, there should be the file itself and then under the Threat Intelligence there is "WF Benign" or "WF Malicious" (for example) and near it an icon that allows you to click and present the Wildfire Report. From there select the icon on the top right corner of the WF Analysis Report screen and should present workflow to "Report Verdict as Incorrect". (see screenshot for details)
Hope this helps and I didn't misunderstand what you are requesting.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!