Hi Brian,
False Positve report is too late. The Endpoint Manger has rendered a critical software system inoperable as it typiclly deletes/quarantines the exe file in question.
Submitting a false positive report afterwards is too late. Plus that will not get an end user up and running again without IT support to get the file out of quarantine.
After we first had a customer with this issue we found out about the ISV whitelisting program and have been subitting each and every build to the whitelist. This can happen on a daily basis during heavy demand periods. When a customer downloads the new software thier EPM won't delete it straight away!
The fact they have closed this facility is very disapointing.
The document (http://www.symantec.com/docs/TECH98360) states to use exceptions with extreme caution but the exception is not very flexible and it may end up having to exclude whole folders which is obviously a security risk.
I am not a cutomer, only an ISV so I guess I cannot call anyone unless you know a team that deals with whitelisting?
What are my options?