deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 14:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update defender-endpoint-false-positives-negatives.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT 2021-01-15 12:06:56 -08:00
parent 03455cece2
commit 5eddcebd71
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md
View File

@ -31,11 +31,14 @@ ms.custom: FPFN
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146806)
In the area of endpoint protection, a false positive is an entity, such as a file or process, that was detected and identified as malicious, when, in fact, the entity does not pose a threat. A false negative is an entity that was not detected as a threat even though it is, in fact, malicious. The process of addressing false positives/negatives can include:
- Reviewing your threat protection settings and making adjustments where needed
-
In endpoint protection, a false positive is an entity, such as a file or process, that was detected and identified as malicious, when, in fact, the entity does not pose a threat. A false negative is an entity that was not detected as a threat even though it is, in fact, malicious. The process of addressing false positives/negatives can include:
- [Reviewing your threat protection settings and making adjustments where needed](#review-your-threat-protection-settings);
- [Defining exclusions, such as for antivirus and other endpoint protection features](#review-or-define-exclusions-for-microsoft-defender-for-endpoint);
- [Classifying false positives in your endpoint protection solution](#classify-a-false-positive-or-false-negative);
- [Submitting files for further analysis](#submit-a-file-for-analysis); and
- [Verifying that the applications your organization is using are properly signed](#confirm-your-software-uses-ev-code-signing).
If youre using Microsoft Defender for Endpoint, and you're seeing false positives or negatives in your Microsoft Defender Security Center, use this article as a guide to take action.
If youre using Microsoft Defender for Endpoint, and you're seeing false positives/negatives in your Microsoft Defender Security Center, use this article as a guide to take action.
## Review your threat protection settings