Product: PowerShell Pro Tools 2022.11.2 (and possibly previous versions)
We are experiencing lots of false positive alerts with various detections by Defender. Different executables are deleted/isolated by Defender. Lots of security alerts are going off. What is going on?
We’ve been seeing a large increase in false positives from PowerShell executables across all anti-virus platforms (you can upload it to VirusTotal to get a feeling for that).
Currently, the best options are to:
- Exclude the executable from Defender scans
- Sign the executable using a code signing certificate
- Use our new Ironman PowerShell Host
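
The first two options above, as an added example that is not part of the original reply and is not the vendor's code: sign the packaged executable, verify the signature, and only then add a Defender exclusion scoped to that one file. The executable path, the timestamp server URL and the certificate store location are assumptions; replace them with your own values.

```powershell
# Assumed values (not from the original thread); adjust to your environment.
$ExePath      = 'C:\Build\MyTool.exe'            # hypothetical packaged executable
$TimestampUrl = 'http://timestamp.digicert.com'  # assumed RFC 3161 timestamp server

if (-not (Test-Path -LiteralPath $ExePath)) { throw "File not found: $ExePath" }

# Pick an unexpired code signing certificate that has a private key.
$cert = Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert |
    Where-Object { $_.HasPrivateKey -and $_.NotAfter -gt (Get-Date) } |
    Sort-Object NotAfter -Descending |
    Select-Object -First 1
if (-not $cert) { throw 'No valid code signing certificate in Cert:\CurrentUser\My.' }

# Sign with SHA-256 and a timestamp, so the signature remains verifiable
# after the signing certificate itself expires.
Set-AuthenticodeSignature -FilePath $ExePath -Certificate $cert `
    -HashAlgorithm SHA256 -TimestampServer $TimestampUrl | Out-Null

# Verify before trusting the result. Anything other than 'Valid' (for example
# 'UnknownError' when the chain is untrusted, or 'HashMismatch') stops the script.
$sig = Get-AuthenticodeSignature -FilePath $ExePath
if ($sig.Status -ne 'Valid') {
    throw "Signature check failed: $($sig.Status) - $($sig.StatusMessage)"
}

# Record what was signed, so a later alert can be matched to this exact build.
$hash = (Get-FileHash -LiteralPath $ExePath -Algorithm SHA256).Hash
Write-Host "Signed $ExePath"
Write-Host "  Signer : $($sig.SignerCertificate.Subject)"
Write-Host "  SHA256 : $hash"

# Exclusion for this single file only (requires an elevated session).
# Excluding the full file path rather than its folder keeps other files
# written to the same directory under normal scanning.
Add-MpPreference -ExclusionPath $ExePath

# Show the exclusions now in effect so the change can be reviewed.
(Get-MpPreference).ExclusionPath
```

On managed endpoints, exclusions are normally distributed through Group Policy or Intune instead of being set locally, and a local `Add-MpPreference` call may be overridden by that policy.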