This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
morris
Contributor
‎2025-05-12 01:24 AM
Jump to solution

Exception for Application based on Certificate

Hi,

we have some applications which are blocked by Harmony Endpoint. We are very sure, that its a false-positive.

The software is signed with a certificate by the developer.

Is there any configuration where we can whitelist all software which is signed by this certificate.

 

This behaviour mostly occurs after the software gets an update.

Labels
0 Kudos
1 Solution

Accepted Solutions
lluner
Advisor
‎2025-05-12 05:01 AM
In response to morris
Jump to solution

@morris 

You can exclusions  it by right-clicking mouse  on it.

te2.png

View solution in original post

0 Kudos
6 Replies
lluner
Advisor
‎2025-05-12 04:13 AM
Jump to solution

@morris 

Could you show the logs to know which blade is blocking?

0 Kudos
lluner
Advisor
‎2025-05-12 04:21 AM
In response to lluner
Jump to solution

this sk can help you sk181679 - Smart Exclusions - Syntax and Supported Capabilities for Exclusion Types

morris
Contributor
‎2025-05-12 04:44 AM
In response to lluner
Jump to solution

Its Forensics and Threat Emulation

Preview file
25 KB
0 Kudos
lluner
Advisor
‎2025-05-12 05:01 AM
In response to morris
Jump to solution

@morris 

You can exclusions  it by right-clicking mouse  on it.

te2.png

0 Kudos
morris
Contributor
‎2025-05-12 08:24 AM
In response to lluner
Jump to solution

That did the magic. thanks! 

But isn't that kinda unsecure somehow? You just paste the signer of the Certificate as a string.

I know from solutions like Cylance that you upload the certificate itself into the management portal. 

0 Kudos
lluner
Advisor
‎2025-05-12 09:48 AM
In response to morris
Jump to solution

@morris 

Você pode testar e colocar esse problema de certificado na exclusão forense, não sei se vai funcionar? Por algum motivo, esse executável está alertando a lâmina TE

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events