Environment
CB Protection Server: All Supported Versions
Objective
This article details two ways to block or ban files deemed malicious by reputation.
Resolution
1. In the CB Protection Console, navigate to Rules > Event Rules
Using the 'Malicious file detected' subtype will allow files known to be malicious to trigger the rule, which can be set to ban immediately, or report.
2. In Rules > Software Rules > Reputation tab, set thresholds to block files based on their CDC score.
Additional Notes
Clicking the black and white question mark in the upper right hand of the console will show a help menu contextual to the page currently loaded in the CB Protection console.