Reporting Malware False Positives to Carbon Black
Article ID: 285074
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
Carbon Black EDR (formerly Cb Response)
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
If hash is classified as malware, but it should be trusted approved, how should this be reported to Symantec Carbon Black?
Environment
- Carbon Black Cloud Console: All Versions
- Carbon Black Cloud Sensor: All Versions
- App Control: All Versions
- EDR: All Versions
Resolution
Please submit a file to the Symantec Security Response portal for review.
Additional Information
- Announcement: Carbon Black Poised to Incorporate Symantec's Industry-Leading Reputation Services
- A Technical Support case will no longer be necessary to report false positives. The Symantec Security Response portal eliminates the need for customers to open a Support ticket for false positives and false negatives and is intended to provide a more positive, streamlined experience.
Feedback
Yes
No
Powered by
