How to Submit False Positives on Content Analysis to Symantec
Last Updated February 21, 2019
A file was miscategorized as a virus or given an otherwise unwarranted malicious rating (false positive) by the Content Analysis (CA) appliance. This article explains how to submit false positives on Content Analysis to Symantec.
All false positive submissions are now done through the MySymantec portal, and there is no longer a need to open a case with support to report it. To submit a false positive:
1) Log in to MySymantec
2) On the left side of the yellow banner, select the drop down menu by MySymantec, and select Submit False Positive
3) Fill out the first page of the questionnaire and click Next
4) Select which product is giving the false positive and click Next.
Note that the Content Analysis Appliance and the Malware Analysis Appliance share the option B13.
5) For Content Analysis and Malware Analysis, select the analysis type that is returning the false positive.
This information can be found from the Content Analysis appliance Management Console by viewing the report. The report is found under Statistics > Recent Threats
6) Choose how to get the file to Symantec.
Submission types are
- Upload a file - Provide a direct download URL - Provide a password protected URL - Provide a file Hash
(Other options are listed, but are for other Symantec products)
7)Describe the detection. This information can also be found from the Content Analysis appliance Management Console by viewing the report. (Management Console > Statistics > Recent Threats)
8) Provide a contact email for follow up
9) Fill in the security characters and submit the request.
A confirmation notice will appear, and an email with a tracking number will be sent to the email provided. The email will be sent from firstname.lastname@example.org
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe