# Enterprise EDRs and XDRs {% hint style="info" %} The following text only applies to customers that enable **Memory Integrity** and **Assembly protection**. {% endhint %} Over the past few years, security solutions that prevent malware have increasingly started using techniques such as hooking and DLL injection to monitor the actions of processes in greater depth. While this can be an effective method for detecting and preventing malware, it can also cause issues for software protection products such as anti-cheats and anti-tampers. To address this issue, our team actively monitors and ensures that no security solution is flagged as a tampering attempt. We verify modules and only allow reputable security vendors to place hooks or run DLLs in memory, minimizing the potential impact on software protection products. Although our system will still log tampering found in the process, if it is determined to be coming from a trusted vendor, it will not be raised as an alert (unless specifically enabled in the dashboard). This helps to prevent false positives and ensure that only genuine tampering attempts are flagged and responded to. ### False Positives In the event that a customer experiences a false positive, we recommend reaching out to our support team for assistance. Our engineers will verify the false positive and push an update as soon as possible to resolve the issue. It is important to note that attackers may attempt to make false reports in order to shift blame and regain access to the application. Therefore, it is always recommended to wait for confirmation from an engineer before taking any action in response to a reported false positive. ### Customer Grade Anti Viruses Standard antivirus (AV) products are generally not prone to this issue, as they do not typically use the level of deep visibility that can cause conflicts with software protection products. However, there are some exceptions, and our team works closely with these AV vendors to minimize any potential impact. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cyphor.net/code-guard/preventing-modifications/enterprise-edrs-and-xdrs.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.