- Overview
- CylanceON-PREM architecture
- Steps to get Start with CylanceON-PREM
- Requirements: CylanceON-PREM
- Configuring the CylanceON-PREM virtual appliance
- Configuring the console
- Log in to CylanceON-PREM
- Administrative dashboard
- Filter lists
- Export lists
- Policies
- Setting up the CylancePROTECT agent
- Device management
- Threat management
- Global lists
- Administration
- Managing users
- Managing roles
- Update profile information
- Audit logs
- Managing Certificates
- Setting up email notifications
- Settings
- Upgrade CylanceON-PREM
- Reboot the virtual appliance
- Configure session timeout
- Update CylanceON-PREM SSL certificate version 1.3.1 and later
- Update CylanceON-PREM SSL certificate version 1.2.2.1 and earlier
- Change the certificate cipher mode
- Enable maintenance mode
- Change network settings
- Check an IP address
- Change the log level
- Download logs
- Configure syslog/SIEM settings
- Update database connection settings
- Configure active directory
- Configure identity provider settings
- Using certificate-based authentication
- Add a banner to the login screen
- Applications
- CylanceON-PREM API
- Troubleshooting
- Agent not communicating with CylanceON-PREM
- Web browser reports insecure webpage
- Unable to connect to external database
- Configure static IP using the OVF tool
- Remote server 404 error in log files
- Log in with a local administrator account
- Online Certificate Status Protocol issues
- A user is not receiving email notifications
- Before you contact support
- BlackBerry Docs
- CylanceON-PREM
- Cylance ONPREM Administration Guide
- Global lists
- Add files to safelist by certificate
Add files to safelist by certificate
You can add files to your
CylanceON-PREM
console safelist by certificate, allowing custom software that is properly signed to run without being quarantined by the agent. The timestamp, subject, issuer, and thumbprint information from the certificate is extracted by the console and allows administrators to establish a safelist by signed certificate, as represented by the SHA1 thumbprint. CylanceON-PREM
does not check if the certificate is expired and does not save or upload the certificate to the console. The certificate timestamp is used to represent when the certificate was created. If the certificate changes, such as it is renewed or replaced, it should be added to the safe list in the management console. The safe list by certificate feature works with PowerShell, ActiveScript, and Office macros.This feature currently works with
Windows
and macOS
agents only- In the console, on the menu bar, clickGlobal Lists > Certificates.
- ClickAdd New Entry. TheAdd Global List Entrymodal displays.
- Drag and drop the certificate to the modal. Optionally, you can browse for the certificate.
- Select whether the certificate applies to executables or scripts. This allows you to add an executable or script by certificate instead of by folder location. Optionally, you can provide a reason for adding the certificate to the safe list.
- ClickCreate. The Issuer, Subject, Thumbprint, and Notes are added to the repository.