About trusted executables and applications

Trusted executables are executables that have no known vulnerabilities and are considered safe.

Configuring a trusted executable creates a bi-directional Allow rule for that executable at the top of the Firewall rules list.

Maintaining a list of safe executables for a system reduces or eliminates most false positives. For example, when you run a backup application, many false positive events might be triggered. To avoid triggering false positives, make the backup application as a trusted executable.

Note: A trusted executable is susceptible to common vulnerabilities, such as buffer overflow and illegal use. Therefore, Firewall still monitors trusted executables and triggers events to prevent exploits.

The Firewall Catalog contains both executables and applications. Executables in the catalog can be associated with a container application. You can add executables and applications from the catalog to your list of trusted executables. Once defined, you can reference the executables in rules and groups.