Endpoint Protection

 View Only
  • 1.  My digital signed application gets blocked by download insight and Auto-Protect

    Posted May 04, 2016 10:54 AM

    We are software developement company. We have digitally signed our software with a level 3 certificate.

    Even with the digital certificate Symantec EndPoint blocks my software. Right now we whitelist our software based on Hash.

    But this is tedious as we make new versions almost every week. So whitelisting takes a lot of operational time.

    I don't have this problem if I install or upgrade microsoft products.

    My question is How can I approve my software on the same level as microsift products ? Is there a way to whitelist my application baed on digital signature ? so that I only need to do this every 3 years and not every week.

     



  • 2.  RE: My digital signed application gets blocked by download insight and Auto-Protect

    Posted May 04, 2016 11:04 AM

    Start here:

    https://submit.symantec.com/whitelist/



  • 3.  RE: My digital signed application gets blocked by download insight and Auto-Protect

    Posted May 04, 2016 01:52 PM

    Hello Brian,

    I already done this a while ago. But I believe that this is a hash whitelist. Cause everytime I upgrade my software, my updated software get blocked.

    And Symantec approval process is more than a week. Our software cycle can be as short as 1 week. This method is too tedious for us. 

    I really need a Certificate Code signing whitlist



  • 4.  RE: My digital signed application gets blocked by download insight and Auto-Protect

    Posted May 04, 2016 03:39 PM

    Then I suggest you to create a new ticket with Symantec support and express the concern and ask them to create a new SRL task. then they will engage with the SRL and they will convey your concerns over them. so that you both can come to a mutual understanding as to how you can have your application white listed or any other work around as and when needed.



  • 5.  RE: My digital signed application gets blocked by download insight and Auto-Protect

    Trusted Advisor
    Posted May 05, 2016 03:39 AM

    Please see https://support.symantec.com/en_US/article.TECH132220.html - it has an article on Best Practices to help software developers avoid false positives.

    Hope this helps.



  • 6.  RE: My digital signed application gets blocked by download insight and Auto-Protect

    Posted May 05, 2016 05:08 AM

    Hi tienlamnguyen,

    There is good advice in the posts above.  Digital Certificates can definitely help prove the provenance of a file, but the presence of a cert does not guarantee that a file is clean.  Every day Symantec encounters digitally signed malware (stolen certififcates are not unknown).  Also, potentially unwanted applications (grayware) are often digitally signed. 

    All About Grayware
    https://www-secure.symantec.com/connect/articles/all-about-grayware

    Please do continue to follow best practies and to submit files to Symantec for analysis ahead of their public release.

    Insight Deployment Best Practices
    Article URL http://www.symantec.com/docs/DOC5077  

    Wirth thanks and best regards,

    Mick

     

     

     



  • 7.  RE: My digital signed application gets blocked by download insight and Auto-Protect

    Posted May 05, 2016 04:21 PM

     

    </begin rant>

    Every time I contact Symantec support. I am constantly reminded that level1 support does not worth a dime.

    I get transferred to the code signing department that basically tells me to either by symantec signing certificates or contact comodo because they only support verisign signing code and got transferred back to the Endpoint support queue. Great !!!

    </end rant>

     

    Anyhow - I guess i am stuck with sending my apps every week to the whitelist portal and create file hash application exceptions.