This section describes advanced features for using file-signing certificates in Carbon Black App Control file monitoring and enforcement activities.

These features provide the following capabilities:

  • Certificate Discovery and Inventory – Information about file-signing certificates discovered on agents and all certificates in their chains is collected and stored in the Carbon Black App Control Server database.
  • Enforcement by Certificate State – Any certificate in a certificate chain may be approved or banned for a specific publisher, and its state can be used to approve or ban files managed by Carbon Black App Control.
Note: These certificate visibility and control features are available for computers running Windows only. The features are not available for systems running Linux or macOS.