My name is Doron and I’m the team lead of the Static Analysis and Threat Emulation teams for Harmony EndPoint.
I noticed your post on CheckMates about the false positives by Anti-Malware, Anti-Ransomware and Forensicss blades.
Since some files are updated after our signatures are delivered, false positives may occur from time to time.
For further inspection and preventing this in the future, can you please share some additional information about the false positives you experienced and attach the Forensics reports from: C:\ProgramData\CheckPoint\DBStore\Events folder on the relevant machines?
Also, for these files, can you please share the files with us for further analysis with regards to why those files were detected?
I have sent you an email about this, let's continue the discussion there.
Doron Zuckerman | Harmony EndPoint Static Analysis ML and Emulation Team Lead
Check Point Software Technologies Ltd. | M +972-54-345-3459 | firstname.lastname@example.org