Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who rated this post

L7 Applicator

The best way to investigate these would be to access the Threat Vault at

Search for the Threat ID's and find the SHA256 hashes of the samples tied to the signatures.

You can then use the SHA256 hashes to research the samples on the internet. A good place to begin that research is


If you believe the signatures are built based on WildFire false positives or potential Signature Collisions you can open a request with Support to investigate.


If you know for sure that these triggers are false positives, and they're interrupting critical business tasks, you can opt to create an exception in your Antivirus profile. You can see instructions at

View solution in original post

Who rated this post