logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Endpoint Standard: How to Automatically Ban a Hash

Endpoint Standard: How to Automatically Ban a Hash

Environment

  • Carbon Black Cloud Console: All Versions

Objective

WARNING: By configuring Auto ban, critical applications could be impacted based on Policy Rules. 
For example, if Notepad.exe was a participant in an attack that reached the threat level set in auto black list, it could be disabled company wide based on Policy settings.

Provide information on how to automatically ban a hash.

Resolution

  1. Go to Enforce - Reputation 
  2. Click on Auto Ban 
  3. Set the threshold for threat level. Anything equal or greater than the defined threat level will be added to the ban list
  4. Click Save

Related Content


Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
CB_Support
Creation Date:
‎09-09-2020
Views:
1425
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.