Showing results for 
Search instead for 
Did you mean: 

Adavptive threat Protection Options and GTI review of PDFs

I have been researching this for a little while now and I unfortunately do not have full access to review all the settings for this.  From the ENS Help site,  It reads the following:   GTI File Reputation looks for suspicious programs, Portable Document Format (PDF) files, and Android Application Package (.APK) files that are active on endpoints running McAfee products, including Endpoint Security (ENS).  In the options section there is a way to disable or enable Cloud Based scanning. 

The GTI normally uses a Hash based means of scanning and returning whether or not the file is good, unknown or bad.  (Laymens terms here)  But in the above snippet it reads as if it sends the .pdf  document to the GTI for scanning.  Is this true, or is it still just the hash value.  I have not been able to find this information anywhere.  If it does send the .pdf, is there a way to disable this so that it doesn't send the .pdf and we assume the security risk of not scanning it?


Thank you for any help.



1 Reply

Re: Adavptive threat Protection Options and GTI review of PDFs

Contiued reading, I read through the GetClean Tool product guide and this tool collects and sends only unknown or False positives.  The GetClean tool does not send any PDF documents but does help with any other product that uses McAfee whitelising.  it also mentions that it will only dubmitt exes, dlls, plfs scrs and sys files. 

Do I need to worry about my pdf files?  I would like to know this as it can be a show stopper for us if it does send .pdf documents to McAfee Labs?

More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support

    • Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center