This website uses cookies to ensure you get the best experience on our website.
Please note that by continuing to use this site you consent to the terms of our Privacy and Data Protection Policy .
Some of our partner services are located in the United States. According to the case law of the European Court of Justice, there is currently no adequate data protection in the USA. There is a risk that your data will be controlled and monitored by US authorities. You cannot bring any effective legal remedies against this.
Accept

Decreasing false alarms in enterprise security products

28. July 2023

For many years, AV-Comparatives’ protection tests have included a false-positives test, to ensure that security products do not provide protection at the expense of plaguing the user with false alarms. From time to time, enterprise users send us false-positives samples that they have encountered themselves. This is very helpful to us in our research, and so we are now making it easier to submit FPs to us. 

False positives are particularly disruptive in business/enterprise environments. They may disable legitimate business products, encourage users to disable security measures or ignore warnings, and/or require time and effort on the part of IT staff to remediate the problem. Please see our blogpost “The curse of the false positive” for a more complete discussion of the subject.

From time to time, enterprise users send us false-positives samples that they have encountered themselves. This is very helpful to us in our research, and so we are now making it easier to submit FPs to us. We might use submitted files in our false-positives tests, if certain criteria are met (e.g. high prevalence).

  • If your security product still detects the file as malicious, please contact the respective vendor for assistance.
  • Please do not submit any files that could be considered confidential for any reason.
  • When providing us with a false-positive sample:
    • Before submitting the file to us, please query/upload it on VirusTotal and send us the link to the results page.
    • Please tell us which security product detected the file as malicious. Please note that we are not interested in PUA (potentially unwanted apps) detections or in files with zero prevalence (therefore, e.g. self-written files will be ignored).
    • Please tell us the approximate date when the false positive occurred.
    • Please tell us which application this file is a part of.
    • If possible, kindly let us know (briefly) what effect the false positive had on your business (e.g. application unavailable, investigation by IT support staff needed).
    • We would also be grateful if you could provide us with any other information that you feel is relevant.
  • The submission process is anonymous.

Enterprise users can submit confirmed FPs here: https://report-fp.av-comparatives.info

Thanks for your help!