Hi all, I noticed that the Sandblast marks particulair.pdf files with an embedded link from Microsoft (in this case a custom created Office form via https://forms.office.com) as a malicious C&C site. This is defiantly a false positive. Anyone experienced the same?. Of course I can follow sk118875 and submit this false positive for review by Check Point support but this is quite a hassle due to privacy rights and sharing customer data etc. Any suggestions are welcome.