Description | Windows defender is flaging FortiEDR as a false positive and seeing it as a virus |
Scope | FortiEDR 5.X. |
Solution |
Workarounds:
In FortiEDR Central Manager choose choose 'Administration -> Tools' - Under Windows Security Center, check the box next to "Register collectors to Windows Security Center".
2. Whitelist FortiEDR in Defender.
Exclude this path: 'C:\ProgramData\FortiEDR\Config\Collector\Signatures\'
In this case, it is necessary to exclude:
'C:\ProgramData\FortiEDR\Config\Collector\Signatures\'
The review addresses false positives/negatives in Microsoft Defender for Endpoint from Microsoft on how to address false positives and how to create exclusions. |