How does the Linux Sensor determine reputation?
Article ID: 291853
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Issue/Introduction
How does the Linux Sensor detect malware of suspect hashes and determine their reputation as known malware, suspected malware, potentially unwanted program, etc.?
Environment
- Carbon Black Cloud Console: All Versions
- Endpoint Standard (was CB Defense)
- Enterprise EDR (was CB ThreatHunter)
- Carbon Black Cloud Sensor: All Versions
- Linux: All Supported Versions
Resolution
The Sensor versions which currently support Endpoint Standard and Enterprise EDR functionality rely on streaming prevention and obtaining reputation information from the Carbon Black Cloud only.
Additional Information
- The Linux Sensor does not currently have full feature parity with either the macOS or Windows Sensors
- The Local Scanner is not available on Linux
- As new features and functionality are added to the Linux Sensor, the Release Notes page will be updated
Feedback
Yes
No
Powered by
