I am new to Harmony Checkpoint endpoint and would like some guidance as to what the normal process is for companies when we encounter endpoint clients being flagged as malicious activity, files quarantined by Checkpoint, under cyber security endpoint reporting for malware and anti-bot as active or blocked? At the moment our only step is to remove devices off the networks and re-image if they are infected.
Does Checkpoint have any remediation tools or techniques to assist with confirming if they are false positives or genuinely infected?