topic Re: What need to do when domain of our company is wrongly classified as malicious in Firewall and Security Management

What need to do when domain of our company is wrongly classified as malicious

lepa — Tue, 27 May 2025 11:18:24 GMT

Already opened ticked, but no any progress.

Re: What need to do when domain of our company is wrongly classified as malicious

PhoneBoy — Tue, 27 May 2025 18:09:23 GMT

TAC is the correct place to file those requests.
Send me the TAC SR in a PM.

Re: What need to do when domain of our company is wrongly classified as malicious

the_rock — Tue, 27 May 2025 21:09:52 GMT

I would 100% follow what @PhoneBoy suggested. I guarantee you he will help!

Andy

Re: What need to do when domain of our company is wrongly classified as malicious

PhoneBoy — Wed, 28 May 2025 20:39:41 GMT

Looking at the SR here, there are two ways something could be flagged as 'malicious"

URL Filtering, which can be checked here: https://usercenter.checkpoint.com/ucapps/urlcat/
Threat Prevention

Given that the URL provided shows up as "Low Risk" in URL Filtering, it's in Threat Prevention.
Knowing exactly what blade is blocking your domain (shown in the full log card) will help.
TAC is where customers should report false positives in either case.
Providing this information to TAC when you open the case will ensure the issue is routed promptly and thus addressed properly.

In either case, you can create an exception for your domain in your local Threat Prevention policy.
However, I've confirmed that your domain should not be flagged any longer as malicious in Threat Prevention.