App Control: What Data Is Used To Determine Malicious Reputation?
book
Article ID: 288308
calendar_today
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
What data does Carbon Black use to determine the Reputation of Malicious?
Environment
App Control Console: All Supported Versions
Resolution
The Carbon Black File Reputation Service uses data from a combination of distribution partners, web crawlers, honeypots, and the Carbon Black user community. For files currently in the database; Carbon Black File Reputation data provides contextual information such as who published the file and what product (if any) it is associated with. It also screens software using multiple anti-malware tools, and cross-references it against third-party vulnerability databases. The Event for "Malicious file detected" indicates that a data source flagged the file as potentially malicious.