Shield Malware Threat Detection False Positives on Excel Documents with Macros
Multiplan (160k ARR) turned on Malware Deep Scan and was getting 3-5 false positives per day because users across multiple departments often work on Excel Documents with Macros. Due to their process, users need to upload new versions of these Excel documents daily (they cannot use Version Control to handle this). So the IT team is being pinged every time a new version is added. This has been so overwhelming that the IT team has turned off Malware Detection. They will enable again if Macros are not accidentally flagged as potentially malicious.
AdminJulia Benivegna
(Solutions Engineer, Box)
shared this idea
False positives detections are a possibility with any malware detection tool. At Box, we want to make sure our customers have controls to manage alerts that are generated and stop any unnecessary noise. We have some additional detection filters for our malware detection rule on the proposed roadmap for this year.
-
Will Semons
commented
This is a major issue for one of my customers. This will require a lot of time manually updating notifications moving forward. Please consider this a priority. Thank you!
-
Sean
commented
It's 2024 - any news on this? It would seem helpful to have a way to control by confidence level and or category of concern. We are finding many XLSM listed as unknown malicious through deep scan.