Any Defence Plus experts please, can you help?
1- Defence Plus in ProActive mode with Sandbox disabled. I want to use the white list but still I want to be alerted for a digitally signed executabe if it is not in white list. Is it possible?
More simple how can I disable default behavior " auto-trust digitally signed applications" in Defence Plus?
By the way I want to know if the white list of CIS is local or in the cloud? I guess local. Am I right?
What do you mean with white list? Does the Trusted Software Vendors list belong to your definition of white list?
There is not an auto trust digitally signed applications in CIS; I think Kaspersky has such a functionality.
CIS has the Trusted Software Vendors (TSV) list. This list consists of digitally signed publishers that got vetted by Comodo.
The TSV list cannot be easily disabled like was possible in older versions; there is not check box anymore. You either need to run in Paranoid mode or manually delete the TSV list:
Yes, I mean trusted software vendors. Thanks
BTW there is no way to remoce Comodo from this list. :-TD
I think there is a white list of applications( safe applications) in CIS in addition to trusted software vendors. Am I right?
There is a whitelist of trusted applications indeed. This list is stored locally but also relies on the cloud. CIS will move files that were found safe by the cloud to the local white list.