App Control: File With 10/10 Trust Rating Blocked
search cancel

App Control: File With 10/10 Trust Rating Blocked


Article ID: 287300


Updated On:


Carbon Black App Control (formerly Cb Protection)


  • Files with trust rating of 10/10 are blocked by App Control agent
  • Reputation approvals for files enabled
  • File is being seen in the environment for the first time


  • App Control Server: 8.5.4 and Higher
  • App Control Agent: 8.5.0 and Higher
  • Microsoft Windows: All Supported Versions


Files are being approved by reputation.


Feature is working as designed.

Additional Information

The reputation approval is applied server side first, then is sent down to the agents in the three specific scenarios: being if it was blocked before, or if the agent requests the information, or if its marked as a trusted installer. That means, a block can be received on the first attempt to run a file that was approved by reputation, if the lookup agent side cannot complete in time.

At that point, the server will send the approval to all the agents, through a normal config list update. This makes the file available to run, for future attempts (once the agent has updated its rules). No manual approval of the file, or console interaction should be required for this process. Once the first block takes place, the server will start sending that rule.