CIS 8: How to isolate every files thats not recognized by CIS 8?

Hi guys. I need some help here.

I want to know if its possible to make CIS 8 isolate on sandbox any file that is not recognized or trusted by me. If so, how can I do it?

I want CIS 8 to work like this: its a malware? cis 8 bock/quarentene/remove it. its an unknow file/app? cis 8 automatic sandbox it and ask me what to do next. its a file from a trusted vendor or a file that “I trusted it” then cis 8 will ignore the file and let it run.

Is that possible to have this behavior? Is this the default one? Is this crazy to ask?

help with answers please?

thnaks in advice…

I have mine set up that way. I don’t use the Trusted Vendors List.

  1. If it’s malware, it’s blocked.

  2. If it’s unknown, it’s blocked and prompted.

  3. If it’s in the Trusted Files List, it runs as Trusted.

[attachment deleted by admin]

ooww… thats nice but how to configure my cis 8 to be like yours?

please, post an how to? :):):slight_smile:

This is actually the way CIS 7 automatic sandbox works… but as far as I read they managed to change it in CIS 8 (Why?). I suppose, better…I hope this thing can be changed using new sandboxing policy rules.
BTW…I’m still waiting for the automatic update… :-\

I’ve attached my Settings Images if you want yours set up like mine.

[attachment deleted by admin]

You can get the same behavior by changing the last Auto-Sandbox rule to Blocked. I only use the sandbox to catch files, not to run them restricted or virtually. I think sandboxing is too much of a pain in the neck (I’m old school).

Here’s my usage setting for games and navigation in secure sites.
I have other here but are very specific.

[attachment deleted by admin]

definitely there’s a problem with the automatic sandbox (from 30.40)
files are unknown…but CIS let them to run…this guy on the video’s beginning managed to set the automatic sandbox properly (Isuppose).
Everything went smooth during the first part of the test…then when he tried to run unrecognized files being on his computer…disaster…