When the Cb Protection agent evaluates a new file, it analyzes the file according to several characteristics.
File hash: md5, sha1, sha256
File name: Full file names, Regex strings
File signature: The agent verifies file signature certificates from systems it monitors with an online database of trusted file signatures. All files with the same signature can be banned or approved at the same time.
Trusted installers are an efficient way to get new approved software onto a Cb Protection managed system. Any files put on a system by a trusted installer are locally approved to run on the system. Trusted installers are globally active, or globally inactive.