Greetings,
We recently experienced an issue where older Microsoft Word files in the .DOC format started triggering malware alerts. The SOC team responded, reviewed the incidents and closed them with a comment stating to whitelist the file type. I’m not able to find any documentation in the help guide section for SOCaaP. Can anyone point me to where I can find information on administering our SOCaaP implementation?
Thanks,
Matt
Hi @ntelogic,
Please check this helpful guide which can be helpful for you
https://help.comodo.com/topic-466-1-1040-16258-Introduction.html
Kind Regards,
PremJK
@ntelogic if they were suggesting to whitelist all .DOC files from AV scanning, that’s definitely not a good idea and you should seek further advice
1
Hi,
The issue .doc files are deducted as Malware has been fixed in DB version 34416. Please update the AV database and run a full scan again.
Kind Regards,
PremJK