Improve prevention against new forms of malware by enabling analysis of unknown binaries by Avira, a third-party partner.

When enabled, binaries with a "NOT_LISTED" reputation are submitted to Avira for cloud analysis. The file must be a portable executable to be uploaded (e.g., “.exe”, “.dll”). Document files, such as PDFs, text files, pictures, spreadsheets, and other personal files cannot be uploaded. Analysis of files is fully automated and no information is shared with any third-party outside of Avira.

Enabling cloud analysis by Avira requires a Windows sensor 3.2+ and the local scanner set to enabled.

To enable cloud analysis

  1. Click Enforce, then Policies.
  2. Select the policy for which to enable cloud binary analysis.
  3. On the Sensor tab, select the checkbox for Submit unknown binaries for analysis by Avira
  4. Confirm that you would like to share data with Carbon Black and Avira, then click Save.

If enabled, this functionality will upload binary files, including the files’ content, to Carbon Black for analysis. You may opt out of this functionality at any time. Carbon Black uses a third-party vendor, Avira Operations GmbH & Co. KG ("Avira"), as a sub-processor to assist with threat analysis. Binary files are sent to Avira’s network. Avira only processes the data to meet Carbon Black’s obligations under the applicable agreement and for no other purpose. Avira has implemented appropriate security and operational methods that are designed to secure the data, and will comply with all applicable data privacy laws when processing the data. The information will be processed by Avira in their Germany and USA data centers. In the course of using the services, you shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness, and intellectual property ownership or right to use and transfer to Carbon Black all such data. You can view Carbon Black’s privacy policy at This privacy policy is updated periodically, as needed.