App Control: What Data Is Used To Determine Malicious Reputation?
App Control Console: All Supported Versions
What data does Carbon Black use to determine the Reputation of Malicious?
The Carbon Black File Reputation Service uses data from a combination of distribution partners, web crawlers, honeypots, and the Carbon Black user community. For files currently in the database; Carbon Black File Reputation data provides contextual information such as who published the file and what product (if any) it is associated with. It also screens software using multiple anti-malware tools, and cross-references it against third-party vulnerability databases. The Event for "Malicious file detected" indicates that a data source flagged the file as potentially malicious.