Is it possible to ban the Signer/Signature and Certificate Authority (CA) to block files based on their Publisher?

• Carbon Black Cloud Console: All Versions
  • Enterprise EDR (formerly CB ThreatHunter)
  • Endpoint Standard (formerly CB Defense)
• CBC Sensor: All Versions
• Apple macOS: All Supported Versions
• Linux: All Supported Versions
• Microsoft Windows: All Supported Versions

No. It is not possible in the product currently to ban using Certs. This KB will be updated as there are changes.