Hi,
We are very interested if resolved this issue with SYMANTEC support cause we have the exact same issue on Endpoint Incidents.
random parts...
Sometimes it's even weirder cause at the beginin of the incident the highlights are correct and goes wrong gradually.
> This is realy bad and risky for first level assesment who will potentially classify these incidents as a false positive ones.
For more detail:
- This beahvior is totaly random and we have correct higlighted incident for the same policy
- It's more frequent on multiple incidents, when a same file violated several policies
- We are in 12.5.2 version Agents/Servers
Did you resolved this?
Thank you in advance.