Add Executable or Edit Executable

Add or edit an executable in an Application Protection rule.

When configuring executables, consider the following:

  • You must specify at least one identifier: File name or path, MD5 hash, or Signer.
  • If you specify more than one identifier, all identifiers apply.
  • If you specify more than one identifier and they don't match (for example, the file name and MD5 hash don't apply to the same file), the executable definition is invalid.
Options
Section Option Definition
Properties Name Specifies the process name.

This field is required with at least one other field: File name or path, MD5 hash, or Signer.

File name or path Specifies the file name or path of the executable to add or edit.

Click Browse to select the executable.

MD5 hash Indicates the (32-digit hexadecimal number) MD5 hash of the process.
Signer Enable digital signature checkGuarantees that code hasn't been changed or corrupted since it was signed with cryptographic hash.

If enabled, specify:

  • Allow any signature — Allows files signed by any process signer.
  • Signed by — Allows only files signed by the specified process signer.

    A signer distinguished name (SDN) for the executable is required and it must match exactly the entries in the accompanying field, including commas and spaces.

    The process signer appears in the correct format in the events in the log files. For example:

    C=US, S=WASHINGTON, L=REDMOND, O=MICROSOFT CORPORATION, OU=MOPR, CN=MICROSOFT WINDOWS

Notes Provides more information about the item.