Decoy Notifications

We have enabled Decoy files on a lot of endpoints and this seems to be generating false positives.

Is there a way to prevent these from being sent or at least categorically identify these as decoy detections and avoid unnecessary notifications?

Notification details as follows:
Name: Trj/RansomDecoy.A
Path: TEMP|\489314D86C55A948A225789DB7A93229_000000004D5F663E.tmp
Hash: 865C0C0B4AB0E063E5CAA3387C1A8741

Comments

  • David_CarroDavid_Carro WatchGuard Representative

    I have just send a PM to you, let me know if you do have any further issues.

    David


    David Carro | Technical support
    WatchGuard Technologies, Inc. | www.watchguard.com

  • Hi, we're having the same issue. How was it resolved?

    Kind regards,

    Alessandro

  • David_David_ WatchGuard Representative

    Hi, Cicciopalla.

    I have just sent you a PM.

    David

  • I have the same issue with Panda,

  • Carmen_GomezCarmen_Gomez WatchGuard Representative
    edited January 13

    Hi BillyBrannum153,

    I am sending you a PM

    Regards,

    Carmen Gomez| Technical support
    WatchGuard Technologies, Inc. | www.watchguard.com

  • I have the same issue

  • David_David_ WatchGuard Representative

    Hi, mchavez
    PM sent.
    Let us know if there are further issues.

  • RosaRosa WatchGuard Representative

    Hi mchaves

    I am sending you a PM

    Regards,

    Rosa

  • Hi,

    we have the same messages on endpoint protection clients.

    Regards,

    Mark

  • Carmen_GomezCarmen_Gomez WatchGuard Representative

    Morning,

    Anyone experiencing this issue please open a case with support by sending the query to [email protected]

    Thanks for your collaboration.
    Regards,

    Carmen Gomez| Technical support
    WatchGuard Technologies, Inc. | www.watchguard.com

Sign In to comment.