Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

CB Defense: When is the "Ignore" Reputation Applied?

CB Defense: When is the "Ignore" Reputation Applied?

Environment

CB Defense Web Console: All Versions

Question

When is the "Ignore" reputation (i.e., highest trust level) applied to an application?

Answer

The "Ignore" reputation is assigned to CB Defense executables known to the sensor.  These may be:

  • Hard-coded by path and running from within CB Defense self-protected folders
  • Or use a locally verified code signature

Additional Notes

  • Full bypass permission for all operations will result in treatment similar to the "Ignore" reputation by the sensor.
  • Bypass is tracked in parallel to reputation, so bypassed files will not technically be reported as having "Ignore" reputation.

Related Content


Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
Creation Date:
‎09-09-2020
Views:
604
Contributors