False Positives that aren't False Positives

[Amethyst]

I just asked a question in the False Positive section of the board re whether or not you notify people if the files they submit as false positives are actually truly malicious after all. I was told that normally that is not done.

I was going to suggest that you do let the individuals know in such a case, or even if it will be corrected in the next update or something to that effect.

I would also like to mention that I really like SAS's method of submission for possible false positives. Using the program itself to do this really makes the process very easy for the user, so thank you for that.

[Seth]

I just asked a question in the False Positive section of the board re whether or not you notify people if the files they submit as false positives are actually truly malicious after all. I was told that normally that is not done.

I was going to suggest that you do let the individuals know in such a case, or even if it will be corrected in the next update or something to that effect.

I would also like to mention that I really like SAS's method of submission for possible false positives. Using the program itself to do this really makes the process very easy for the user, so thank you for that.

Hi Amethyst.

FP's aren't an issue that most antimalaware products readily admit.

I agree that SAS's FP's could be handled better.

[Amethyst]

Well, the submission method is the most user friendly of any product I've seen, so that's a plus.

However, there are other companies that let you know that they've checked the product and what their findings were one way or the other.

I've been waiting for nearly 48 hours now re a submission I put in and there have been 4 or 5 updates since then, so I don't know what is going on.

As for companies not liking to admit to FP's...well, it happens to the best of them. We end users just need to be careful.