Loading...

Knowledge Center


How to submit your company's software to be considered for validation against DAT files (Whitelisting Program)
Technical Articles ID:   KB85568
Last Modified:  4/7/2017
Rated:


Environment

McAfee DAT files
McAfee Labs
Multiple McAfee products

Summary

This article describes how to submit your company's software to McAfee Labs to be considered for validation against DAT files through the Whitelisting Program.

Solution

McAfee Labs Core Security Updates Team uses a False Positive Test Rig as part of our extensive pre-release testing. This test rig is a large array of catalogued data, used by the Core Security Updates team to guard against false positives occurring in released DATs. It consists of a collection of known clean data, acquired from commercial software vendors, including Intel®, Microsoft, and IBM. Additionally, the McAfee False Prevention team actively targets data from the Internet for download to the rig.

McAfee Labs also offers customers, partners, and other third-party software manufacturers the opportunity to submit their own proprietary software for inclusion in this rig. This significantly reduces the chances of a DAT causing false positives on unique customer applications or data. The False Positive Test Rig is located on an isolated network, and the data it contains is used only for false-positive identification testing.

Before every DAT release, the data on the false rig is scanned to identify false positive detections. Any identifications are passed to McAfee Labs researchers for analysis. The McAfee Labs Research team have final sign off on every DAT release.


Data submission process
IMPORTANT:
  • If you submit data for inclusion to the False Positive Test Rig, ensure that you are legally entitled to distribute the software outside of your organization. McAfee cannot be held responsible for unauthorized software distribution.
  • Customers, partners, and other users should resolve any existing detection or interoperability issues prior to contacting the McAfee False Prevention (Data Submissions) team using the guidelines in KB85567.
If you want files to be included, you can submit them using the following methods:
NOTE: The supported submission formats are ZIP, RAR, or pre-extracted. Presently, McAfee Labs is unable to process Norton Ghost, ISO, VMware, or other proprietary image formats. If you are submitting specific applications or data, please submit the extracted contents of the installation package in addition to the installer to ensure all components are whitelisted.

After the data is processed and moved to the scanning rig, a confirmation email is sent to you. The expected time between McAfee Labs receiving the data, and it being processed, will vary depending on the size of the submission and current workloads, but should not exceed two working days from receipt of the submission.


What happens to the submitted data?
Where possible, the data is extracted and hashes are created to uniquely identify each file. These hashes are compared against a database of existing data, and those we already have are discarded. Any new data not currently held on the False Rig will be included on the rig and scanned with each DAT release.


Submission details
Include as much information as possible with any submission, including (but not limited to) the following:
  • Company name
  • Contact name
  • Address
  • Contact phone number (including country code)
  • Contact email address
  • SAM or Account Manager name
  • Products used (including product version and patch level)
  • Any Scan or product settings used
  • If posting by traditional mail, confirm the count of media enclosed, including the number of files
  • Description of submission contents (for example: bespoke product, internal data, software functionality and purpose)
  • Any other relevant information (such as frequency of updates)
For further information or questions, contact the False Prevention team at: datasubmission@mcafee.com
 

Rate this document

Did this article resolve your issue?

Please provide any comments below

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.