App Control: How Is a File’s Trust Rating Calculated?
search cancel

App Control: How Is a File’s Trust Rating Calculated?


Article ID: 286536


Updated On:


Carbon Black App Control (formerly Cb Protection)


How is a file's Trust Rating calculated by App Control?


  • App Control Server: All Supported Versions
  • Carbon Black File Reputation Service


A file's Trust Rating in the Carbon Black File Reputation service (CDC) is based on a proprietary algorithm that takes the following factors into account:
  • Source Trust - the origin of the file
  • Publisher Trust - whether the file has a signed digital certificate and the trust associated with that specific certificate
  • Malware Severity - whether AV scanners identify the file as malicious or potentially malicious; files in the CDC database are scanned by multiple AV products
  • Vulnerability Severity - whether there is a known vulnerability for the file (specifically, a Microsoft reported vulnerability), and if so, how severe
  • Duration Seen - how long the CDC has seen this file in the field
  • First Seen - when this file was first seen in the field by the CDC
  • Prevalence - how common this file is in the field, as reported to the CDC