Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: What Triggers the Malicious File Detected Event?

App Control: What Triggers the Malicious File Detected Event?


  • App Control Console: All Supported Versions


What triggers the “Malicious File Detected” Event?


The "Malicious File Detected" Events occurs in two scenarios:
  1. Following a "New File on Network" Event for a file that is already assigned a Malicious reputation.
  2. When the Carbon Black Reputation (or another integrated service) has updated the file's reputation to Malicious.

Additional Notes

  • The "Alert Triggered" Events only occur once per "Malicious File Detected" Alert. If the Alert is not reset between Events, there will only be one "Alert Triggered" Event.
  • Connector settings can be found in the Console > System Configuration (gear icon) > Connectors.
  • More information on what determines the Carbon Black File Reputation of Malicious can be found here.
  • To report a False Positive or False Negative please follow the instructions outlined here.

Related Content

Labels (1)
Tags (2)
Was this article helpful? Yes No
50% helpful (1/2)
Article Information
Creation Date: