logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: What Triggers the Malicious File Detected Event?

App Control: What Triggers the Malicious File Detected Event?

Environment

  • App Control Console: All Supported Versions

Question

What triggers the “Malicious File Detected” Event?

Answer

The "Malicious File Detected" Events occurs in two scenarios:
  1. Following a "New File on Network" Event for a file that is already assigned a Malicious reputation.
  2. When the Carbon Black Reputation (or another integrated service) has updated the file's reputation to Malicious.

Additional Notes

  • The "Alert Triggered" Events only occur once per "Malicious File Detected" Alert. If the Alert is not reset between Events, there will only be one "Alert Triggered" Event.
  • Connector settings can be found in the Console > System Configuration (gear icon) > Connectors.
  • More information on what determines the Carbon Black File Reputation of Malicious can be found here.
  • To report a False Positive or False Negative please follow the instructions outlined here.

Related Content


Labels (1)
Labels:
Tags (2)
Was this article helpful? Yes No
50% helpful (1/2)
Article Information
Author:
CB_Support
Creation Date:
‎09-07-2020
Views:
1220
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.