Forum Discussion
Frank_keough
Jul 03, 2024
Copper Contributor
Azure Cloud Defender false positive
Cloud Defender threw up an alert on Trojan:Script/Phonzy.B!ml for a Palo Alto virtual firewall. There are no Defender agents (detection was agentless). I cannot find any other incidents or similar...
Frank_keough
Sep 16, 2024
Copper Contributor
According to Microsoft, it turned out to be a false positive. 1 other user had the issue at the time. No Palo support, so they were not in play. Open a ticket with Defender.
Good luck.
ndrfillmore
Sep 17, 2024
Brass Contributor
That is our conclusion as well. It was only found inside of a pcap file that the firewall generated on its own.