Code signed executables

TonyKelly — Wed, 23 Apr 2025 14:44:32 GMT

A colleague raised a query with regards code signing certificates?

For example if files are created, remodified and recompiled, the Sha256 will change every time, and these would need to be Whitelisted every time.

The question asked is if we are able to code sign any executable with our own code signing certificate, can a whitelist rule be assigned to that signed certificate, or is this not possible?

What is best practice on this scenario?

Re: Code signed executables

aspatil — Mon, 28 Apr 2025 08:14:20 GMT

Hello @TonyKelly ,

I will suggest to open a TAC case for your scenario and have Support Exception based on FVhash.

If you feel this has answered your query, please let us know by clicking like and on "mark this as a Solution". Thank you.

topic Re: Code signed executables in Cortex XDR Discussions

Code signed executables

Re: Code signed executables