Why is Anti-spyware signature "Generic PHP Webshell File Detection" Threat ID 81845 causing false positive alerts?

Why is Anti-spyware signature "Generic PHP Webshell File Detection" Threat ID 81845 causing false positive alerts?

2829
Created On 05/03/22 17:51 PM - Last Modified 04/24/24 17:54 PM


Question


Why is Anti-spyware signature "Generic PHP Webshell File Detection" Threat ID 81845 causing false positive alerts?

Environment


  • Supported PAN-OS   
  • Anti-spyware Content 

Answer


  1. Content development team modified the signature threat id 81845 to improve false positive alert rates in Applications and Threats content release version 8565. 
  2. Update to version 8565 or above to resolve the issue.
  3. If the false positive alerts are still seen, open a case with Support.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004OVvCAM&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language