Endpoint Standard: Unable to add file with KNOWN MALWARE reputation to banned list from Investigate tab
search cancel

Endpoint Standard: Unable to add file with KNOWN MALWARE reputation to banned list from Investigate tab

book

Article ID: 291458

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

Files that receive a Known_Malware reputation can no longer be added to the banned list from the Investigate tab

Environment

  • Carbon Black Cloud: All Supported Versions

Cause

This is because of a recent backend update

Resolution

  • Files that receives KNOWN_MALWARE reputation will be blocked using default blocking policy rule KNOWN_MALWARE > runs or running > Deny/Terminate
  • This is working as designed

Additional Information

  • The hash can still be added manually from Enforce > Reputation > Banned
Powered by Wolken Software