Many files are signed with a digital certificate that verifies the integrity and identity of the file, including the name of its publisher.
The Publishers tab of the Software Rules page lists each unique publisher identified in a valid certificate for a file that is discovered by an Carbon Black App Control Agent. If Windows can find the digital signature on a file, the publisher is discovered and listed in the console.
After a publisher is listed in the console, it can be approved, banned, or left unapproved. Publisher approvals and bans can be applied to all computers or to computers in specific policies. You can Acknowledge a publisher to indicate that you have seen it and do not need to track it closely. Acknowledging a publisher does not change its state.
Publisher state affects files differently depending upon whether you have banned or approved the publisher:
- Bans
- When you ban a publisher, any file signed by a certificate identifying that publisher is banned.
- Approvals
- When you approve a publisher, a file signed by a certificate identifying that publisher is approved if its certificate meets additional App Carbon Black App Control validation requirements. These requirements are described in detail in Determining Which Certificates Can Approve Files.