topic Re: Traps - Permit .exe file with specific certificate in General Topics

Traps - Permit .exe file with specific certificate

soporteseguridad — Tue, 28 Nov 2017 09:51:20 GMT

Hi,

We would like to add a specific certificate ("Exacq Technologies, Inc") to the TRAPS database so that it recognizes all the ".exe" with this certificate as correct and it is not necessary to upload them to Wildfire, since due to the size limitation of the files to be sent configured in the TRAP console itself, these are not analyzed and therefore are blocked, since in our case the local analysis is not activated.

Is there any way in order to permit these exe files with certificate "Exacq Technologies, Inc"??? and not upload to wildfire??? how can we do this???

thanks a lot

Re: Traps - Permit .exe file with specific certificate

BPry — Tue, 28 Nov 2017 18:50:45 GMT

@soporteseguridad,

While you could whitelist the individual .exe files, I am not aware of a way to actually add self-specified Trusted Signers into the Traps database.

Re: Traps - Permit .exe file with specific certificate

soporteseguridad — Wed, 29 Nov 2017 07:42:22 GMT

I check that if you go to the table .pusblishers in the traps database you can see all the signers, and you could add a line with your signer but i dont know if this would work and if its recommended to do like this.Anyway, I will wait for PA response....