This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intercept-X Early Access - Reporting False Hits

I have a small set of endpoints using the early access Intercept-X release.  Recently, I have started receiving hits regarding the OSSEC client running on a few of these systems.  What is the preferred route to report this issue?



This thread was automatically locked due to age.
Parents
  • Hi  

    This below article details how to raise issues for potential false positives with Intercept X, along with the available workarounds. Note that some detection will appear as legitimate files. Perform the instructions below to acknowledge alerts or exclude detected exploits ONLY if the files are assured to be valid.

    Note: Excluding the detection could put the system at risk if the detection is valid, so be fully aware of this risk. This should only be a temporary workaround and not a fix.

    Refer: Intercept X: How to report false positives

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Reply
  • Hi  

    This below article details how to raise issues for potential false positives with Intercept X, along with the available workarounds. Note that some detection will appear as legitimate files. Perform the instructions below to acknowledge alerts or exclude detected exploits ONLY if the files are assured to be valid.

    Note: Excluding the detection could put the system at risk if the detection is valid, so be fully aware of this risk. This should only be a temporary workaround and not a fix.

    Refer: Intercept X: How to report false positives

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Children
No Data