A reputation is the level of trust or distrust that is given to an application. Reputations are based on multiple sources of known good and known bad reputations.


Carbon Black is replacing the terms blacklist and whitelist with banned list and approved list. Notice will be provided in advance of terminology updates to APIs, TTPs, and Reputations.

Tip: You can also use the Reputation Override API to manage reputations.

The Reputation Override API provides an organization with the ability to create a list of approved or banned applications using a SHA-256 hash, a certificate signer, or a path to a known IT tool application. The overridden reputation allows for the Carbon Black Cloud to trigger deny or terminate actions based on policy configurations of known banned application or ignore applications that are approved.