CB ThreatHunter: Watchlist False Positive for process_file_description:"Windows Command Processor"
Article ID: 289703
Updated On:
Products
Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
Issue/Introduction
- Process with unknown file descriptions are marked by watchists requiring process_file_description:"Windows Command Processor"
- Searches on the investigate page will return the same results
Environment
- CB ThreatHunter
Cause
Unknown
Resolution
Carbon Black is investigating the root cause
Feedback
Yes
No
Powered by
