App Control: Differences Between Trusted Directory and Trusted Path?
search cancel

App Control: Differences Between Trusted Directory and Trusted Path?

book

Article ID: 284907

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

What are the differences between Trusted Path and Trusted Directory?

Environment

  • App Control (Formerly CB Protection) Console: All Supported Versions

Resolution

Trusted Path:

What it does?
  • Allows the execution/promotion¬†of files from a specified path
Pros:
  • Files can be instantaneously executed after added
  • Locally approving files can be more secure/controlled
  • Has little impact on performance
Cons
  • Files must be executed from the specified path (may effect ease of use)
  • Specified path is trusted on all devices
Trusted Directory:

What it does?
  • Globally approves files in a specified path
Pros:
  • Once globally approved, files can be executed from anywhere
  • Automatically analyzes and approves files that will be written by archive files
Cons:
  • Takes time to process approval and send out to agents
  • Can be less secure/controlled (execute from anywhere)
  • When overused, can cause performance issues

Additional Information

  • How effective and secure a rule is depends on how it's going to be utilized in the environment. Before implementing any rule it's best to review with a dedicated security team and consider all attack vectors.
  • More information on Trusted Paths and Directories can be found on page 262 and 425 of the User Guide.