Trusting an Application by a Certificate
You can permit applications by their certificate in combination with path, hash or process.
To Permit using a Certificate from the Audit
- Search for the file in the Unified Audit;
- Expand the item you wish to permit;
- Click Add to Application;
- Select the Application Name from the dropdown list;
- Clear the boxes you do not want to match.
- Select the Certificate from the certificate dropdown list, and click the Add button.
- Select Save
- Click Deploy Policies
We recommend you only use certificate-only rules for uncommon vendors. For example, permitting everything signed by Microsoft would result in allowing potentially dangerous Microsoft Applications to run.