Overview
You may come across a domain that should have its security classification reviewed. We welcome feedback on whether a domain should be reclassified as malicious or benign, and you can contact the Support team directly from the dashboard. The Security Research team reviews security classifications.
These scenarios might make you want to report a domain for reclassification:
- A False Positive—You may believe that a domain has been incorrectly categorized as malicious when it is not.
- A False Negative—You may believe that a domain is incorrectly categorized as benign when it is actually malicious.
Note:
This should not be used for content categorizations. If you believe a domain is incorrectly categorized for content (see Understanding Content Categories), please email umbrella-support@cisco.com.
How to Report a Domain
- Navigate to Reporting > Core Reports > <Activity Search>.
- Generate a report and click a domain.
- Click Suggest Security Categorization.
- In the Request Security Reclassification box, let us know why the domain should be reclassified. For example, "This domain should be blocked due to Command and Control Callback activity". Provide as much information as possible.
- Click Send.
Your request will open a ticket with us that will be reviewed as soon as possible.
Comments
0 comments
Article is closed for comments.