Environment
- Carbon Black Cloud Console: 0.53 and higher
Question
What kinds of files are uploaded to the Avira Protection Cloud (APC) for Cloud Analysis?
Answer
All of the following requirements must be met in order for a file to get uploaded to APC for analysis:
- Local scanner detects nothing (not found in signature pack)
- Cloud reputation either has no reputation, or low confidence reputation
- Local ML shows risk score (Search for AvatarScanCallback or apcLevel in confer log shows an "apc" value of 4 or more)
- File is under the "Max file size" setting set by Policy (default 4MB)
- File must be a Portable Executable (PE) file
Related Content