You can add a file path to an existing malware profile.
Notice
Requires Cortex XSIAM Enterprise, Premium, or any other XSIAM license that includes endpoints or Cortex Cloud Runtime Security.
During investigation, if you deem a file path to be safe, you can add the file path to an existing malware profile allow list directly from the Issues table.
In the Issues table, select the Initiator Path, CGO path, and/or File Path field values you want to add to your malware profile allow list.
Right-click and select Add <path type> to malware profile allow list.
In the Add <path type> to malware profile allow list dialog, select from your existing Profiles and Modules to which you want to add the file path to the allow list.
(Optional) View your Malware profile allow list.
Go to + → → → and locate the malware profile you selected.
Right-click, select Edit Profile and locate in the Files / Folders in Allow List section the path file you added.
For more information about malware prevention profiles, see Set up malware prevention profiles.