Certified Application Database


  1. Can the COMODO Certified Application Database be edited by users?

  2. Where is the COMODO Certified Application Database located and can it be read?

Thank you,

Dr Pete


No it is not editable. it is the data.edb file located in CPF folder and encrypted. It contains more than 14000 applications and growing exponentially with file submissions.


Another question.

Is there a list of applications that are in COMODO Certified Application Database that can be viewed by CPF users?

A previous response to this question on another thread said to run Scan for know applications and then look in your Applications Monitor window to see the apps COMODO has certified safe. While this shows me what is on my system it does not show me what COMODO considers safe.

I ask because it is a question of integrity. There are several PC security applications available that do not attempt to block some malware/spyware and sites by default, for to do so would be a conflict of interest with investors, partners etc.

Having discovered this I assigned the apps to the Recycle bin never to be used again.

And it is for this reason I would like to see a list of apps that COMODO considers safe.


Not that i don’t trust COMODO, it would be great to at least view the list.

Cheers, rotty

Sure. Feel free to put this in our wishlist so that we can implement.

Yes, I agree to this, it would be nice

If its just a list of commercial sites that are safe why do they need to be hidden?

So it will allow over 14,000 programs free access to the net from your machine. It wouldn’t even show up in the log because its considered safe.


Dr Pete

2 issues

  1. competitors “borrowing” all the work we have done by analysing what is good.
  2. malware injecting bad sites into our good list.

that’s why we try to protect it as much as we can.


Hi Melih,
I am the paranoid type and like to see and control things!
I was thinking of all kinds of other things that …well read between the lines.

Your promt and candid response is most appreciated,
Thank you again for a great product.

Dr Pete

You and me both Pete :slight_smile:
You can’t be involved in security without being paranoid :slight_smile: (ssshhh… they are watching us (:KWL) )


I recall reading an article a while back about Norton Internet Security and it’s use of a ‘safe’ application DB similar to CPF’s I suppose.

The writer was very much against any FW deeming what was safe and what was not. He emphatically insisted that ALL accesses should be presented to the user to allow or deny.

He didn’t go into the reasons he felt this way but I suspect he felt that a malicious individual could find out that a particular FW allows program xyzzy to run as safe and then create a malicious program to fool the FW into thinking that program was safe.

If this is the case then what steps does CPF take to insure that no ‘bad’ program can disguise itself as a CPF safe program?

No Melih, that’s wrong, it’s supposed to be , 8) <----i’m going under cover…If they see you putting the glasses on, your cover is blown! Phew, glad I caught that in time! Now there’s no telling who saw you!

Paul 8)

Hi mate,

IMHO…I agreed with Comodo Teams (referring to Melih post #7 aboved) not to reveal the * Certified Applications db * … b’cuz of the 2 issues mentioned by Melih. The biggest issue imo … someone (bad guy) can use the db to manipulate/take advantage/inject bad thing and take control of its, if reveal to out-side world. Those db should protected and hidden to user … still a workaround on this … i’m referring to topic starter post … :wink:

If you like CPF create some noisy and you like to be a decision maker rather then rely on CPF to decide for you (base on thier white lists - trusted application) , this setup suitable for you (see “ss” attached) . Any applications (included tagging as “safe/trusted”) will prompt and you decide to allow/deny it … you have fully control your FW… (on side note this apply to me too b’cuz i for one like to know each application try to connect to out-side world and try to ignore my present…Lol!!! :stuck_out_tongue: )… my 2 cts

[attachment deleted by admin]

Thats what I did under my settings already ;D
I usually have to do a restart because I get things blocked until I find out who the ip is.

A question that was raised a number of times, is the dns lookup going to be implemented in future releases?
I always have to go back to the log and lookup the ip by hand and decide if it should have been blocked or let go.
Then I create a new set of rules based on the dns records.

Be safe and block everything and disconnect the blue cord that comes from the router (:LGH)

Extra paranoid option checked!


Dr Pete