CB Protection: Delay In Malicious File Notification After Malicious File Dropped
book
Article ID: 287196
calendar_today
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
Delay in malicious file notification after a malicious file was dropped in the environment.
Environment
- CB Protection Server: 8.0 and Higher
Cause
File had been discovered less than 24 hours before being dropped in client environment.
Resolution
File was first seen by sources (eg, VirusTotal) in the past 24 hours; it therefore took some time for the CDC to provide information on this new file.
Additional Information
If the agents on endpoints are in High Enforcement, the new file would not be allowed to run.
Feedback
thumb_up
Yes
thumb_down
No