Senior Member

We get a steady stream of alerts from users uploading files with .xyz extensions to M365. The majority of these we see are used by a software called matlab.


Is there a way to not mark these files as potential ransomware? I understand there is a ransomware variant that uses the same file extension but we've never seen an instance where this alert is a true positive and we've has many false positives related to this specific extension and alert.