What Data Is Used To Determine Malicious Reputation?
search cancel

What Data Is Used To Determine Malicious Reputation?

book

Article ID: 288308

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

What data does Carbon Black use to determine the Reputation of Malicious?

Environment

  • App Control Console: All Supported Versions

Resolution

The Carbon Black File Reputation Service uses data from a combination of distribution partners, web crawlers, honeypots, and the Carbon Black user community. For files currently in the database; Carbon Black File Reputation data provides contextual information such as who published the file and what product (if any) it is associated with. It also screens software using multiple anti-malware tools and cross-references it against third-party vulnerability databases. The Event for "Malicious file detected" indicates that a data source flagged the file as potentially malicious.

Additional Information

To report a False Positive or False Negative please follow the following KB article Reporting Malware False Positives to Carbon Black (broadcom.com)