Hi everyone,
One of file rating options is Trust applications signed by trusted vendors, Q: If this option is disabled, Will be added safe files to CIS trusted files list? And in this case, According to ignore the digital signature, What is the basis of CIS analysis to add safe files into trusted files list?
If that option is disabled then only files which have been specifically investigated by Comodo will be automatically moved to the trusted files list. Otherwise, if it had been left enabled all files signed by trusted vendors would also have been added to the trusted files list (TFL).
Thus, if it is disabled you will have to add the files to the TFL yourself, which isn’t very difficult as the sandbox alerts have an option to not sandbox again, which automatically adds the application to the TFL. You are certainly safe to do so if you want, but make sure you only add them if you are certain they are safe. Adding files to the TFL will mean that the AV will no longer detect them, they can send data over the internet, and they will no longer be restricted by the Behavioral Blocker.
Thanks Chiron for your explanation.
Well, will be this specifically investigate online only (cloud whitelist & online analysis etc) or is CIS able to local file analysis (offline) too, if this option is disabled?
Thanks again
I believe that some of it is local, but the majority is online, in the cloud.