01-25-2017 08:06 AM
We use SCCM to deploy most of our corporate applications. Many of these applications are homegrown apps that are prone to triggering a false positive malware detection. We are working on digitally signing these applications, but in the meantime we are looking for ways to basically honor SCCM deployments as legit.
Would whitelisting the ccmexec.exe process achieve this objective? While this is the process that copies the files down from SCCM and launches most of the apps, there are times where it extracts the binaries from a compressed file, drops them in a temp folder and then launches the install.
I am going to do some testing, but wanted to poll the community to see if anyone else has some experience with this situation. Thanks in advance!