A file is identified as malware by the Local Analysis module, whereas the WildFire verdict is Benign. Assuming WildFire is accurate, which statement is correct for the incident?
If a file is identified as malware by the Local Analysis module but the WildFire verdict is Benign, assuming WildFire is accurate, then the correct statement for the incident is that it is a false positive. A false positive occurs when a system incorrectly identifies a benign event as malicious.
The follow-up question is what to do about this. I think you would put an exception to the policy, not touch WildFire.
B. Palo Alto study guide, 4.1.4: False positive—An event that produces an alarm when no attack has taken place.