App Control: How Is a File’s Trust Rating Calculated?
Article ID: 286536
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
How is a file's Trust Rating calculated by App Control?
Environment
- App Control Server: All Supported Versions
- Carbon Black File Reputation Service
Resolution
A file's Trust Rating in the Carbon Black File Reputation service (CDC) is based on a proprietary algorithm that takes the following factors into account:
- Source Trust - the origin of the file
- Publisher Trust - whether the file has a signed digital certificate and the trust associated with that specific certificate
- Malware Severity - whether AV scanners identify the file as malicious or potentially malicious; files in the CDC database are scanned by multiple AV products
- Vulnerability Severity - whether there is a known vulnerability for the file (specifically, a Microsoft reported vulnerability), and if so, how severe
- Duration Seen - how long the CDC has seen this file in the field
- First Seen - when this file was first seen in the field by the CDC
- Prevalence - how common this file is in the field, as reported to the CDC
Feedback
Yes
No
Powered by
