You have determined that numerous Machine Learning detections in your environment are false positives. They are caused by a single binary that a vendor custom-wrote for you and that runs on many endpoints. What is the best way to prevent these detections in the future?
- Contact support and request that they modify the Machine Learning settings to no longer include this detection
- Using IOC Management, add the hash of the binary in question and set the action to "Allow"
- Using IOC Management, add the hash of the binary in question and set the action to "Block, hide detection"
- Using IOC Management, add the hash of the binary in question and set the action to "No Action"