Hi BackItUp2020,
Thank you for sharing your script solution here.
As for the issue itself:
> It would be great to have an "baseline" feature so that everything is scanned at the time of the malware enablement is considered safe. Or something along those lines.
Do I get it correctly your request is that on the initial scan, no machines are marked as infected, and any file types found are automatically considered "safe"?
I understand that enabling the Malware Detection feature resulted in quite a few alerts, but particularly with inline scan analysis, the triggers are pretty specific.
Since you mention the Suspicious Files XML, I'm guessing that it's the Guest Indexing scan that is triggering a lot of alerts, but I'm not quite getting the request for change on this element, so if you can elaborate on your request, it would be much appreciated.
I think that not flagging potential vulnerabilities, even on first scan, is not ideal; the scan is looking for pretty specific triggers/artifacts to determine if there is something suspicious to be investigated, so might be better if we can understand why these alerts are being triggered and how to better address them.
Thank you for sharing your script solution here.
As for the issue itself:
> It would be great to have an "baseline" feature so that everything is scanned at the time of the malware enablement is considered safe. Or something along those lines.
Do I get it correctly your request is that on the initial scan, no machines are marked as infected, and any file types found are automatically considered "safe"?
I understand that enabling the Malware Detection feature resulted in quite a few alerts, but particularly with inline scan analysis, the triggers are pretty specific.
Since you mention the Suspicious Files XML, I'm guessing that it's the Guest Indexing scan that is triggering a lot of alerts, but I'm not quite getting the request for change on this element, so if you can elaborate on your request, it would be much appreciated.
I think that not flagging potential vulnerabilities, even on first scan, is not ideal; the scan is looking for pretty specific triggers/artifacts to determine if there is something suspicious to be investigated, so might be better if we can understand why these alerts are being triggered and how to better address them.
Statistics: Posted by david.domask — Jan 10, 2025 10:06 am
