Hi @thejackal, @KRisselada is correct. You have two options here. You can whitelist the file within your own environment or you can report the verdict as incorrect to WildFire. If you report it as incorrect, members of our Unit42 team will examine the file in more depth to possibly update the verdict. You mentioned that you did not have issues with Traps and they the problem occurred with the current iteration of the product. I think this is because Cortex XDR has more methods to detect threats such as the Behavioral Indicator of Compromise (BIOC). When a certain behavior matches these rulesets, you may have additional alerts that were not there in Traps. In any case, it is worth submitting the app for additional review since it is a needed application.
... View more