Intercept-X Early Access - Reporting False Hits

Question

I have a small set of endpoints using the early access Intercept-X release. Recently, I have started receiving hits regarding the OSSEC client running on a few of these systems. What is the preferred route to report this issue?

This thread was automatically locked due to age.

Gowtham Mani · Answer

Hi Jeff Falk 
 This below article details how to raise issues for potential false positives with Intercept X, along with the available workarounds. Note that some detection will appear as legitimate files. Perform the instructions below to acknowledge alerts or exclude detected exploits ONLY if the files are assured to be valid. 
 Note : Excluding the detection could put the system at risk if the detection is valid, so be fully aware of this risk. This should only be a temporary workaround and not a fix. 
 Refer: Intercept X: How to report false positives