Does Endpoint Protection always use reputation to detect malicious files?