We do a thorough screening and testing of every single signature before it is pushed out to customers, to make sure we never create so-called false positives (i.e. detections of something that isn’t malicious). However, we do have procedures in place if something does slip through.
If you believe that a detection is a false positive, please follow the following steps to report this to us:
Get a copy of the exact file on your website that is flagged for detection by Patchman
Make note of the affected website, which server it is detected on, and the full file path of that file
Send an email to firstname.lastname@example.org in which you mention all the above details, and include the exact file as an attachment.
Please do not copy-paste the file’s contents into the email body. Some data may be lost which slows down our ability to help you. It must be included as an attachment.
Based on all this information, we will investigate the detection. If it is considered a legitimate detection, we will explain why that is. If it is indeed an incorrect detection, we will retract the signature, which would lead to automatically retracting all detections based on that signature.