Carbon Black Cloud: What Does the Heuristic File Reputation Mean?
Article ID: 290173
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Issue/Introduction
What does the Heuristic reputation mean?
Environment
- Carbon Black Cloud Console: All Versions
- Carbon Black Cloud Sensor: All Supported Versions
Resolution
- Heuristic reputation is applied when a file is suspected to be malicious based on a set of attributes, but analysis cannot definitively determine whether the file is malware.
- It generally indicates a level of confidence above Suspect Malware, but below Known Malware reputation.
Additional Information
- When it comes to Policy enforcement, processes with Heuristic reputation are subject to the same Prevention rules as Suspect Malware.
- As Carbon Black Cloud employs a variety of analysis techniques, file reputations can change over time with further analysis.
- Other reputation that can be assigned to suspicious files include PUP, Adware, and Suspect Malware.
Feedback
Yes
No
Powered by
