Showing results for 
Search instead for 
Did you mean: 

How can I Trust files based on Certificate


I see huge number of enterprise related files detected by McAfee ATP. What are the best practice to reduce these detection and how we can Trust based on Certificate.


1 Reply
Reliable Contributor Troja
Reliable Contributor
Report Inappropriate Content
Message 2 of 2

Re: How can I Trust files based on Certificate


it is always the same, to do a decision you need as much as possible information. So you can see which files have been signed with this certificate. You can also use the GetClent Tool from McAfee to compare a Golden Image with McAfee GTI. This will add more information, because McAfee will analyze the files/certificates and will update GTI.

This is also a discussion when using several Information Sources for your internal threat intelligence, which one is trusted and which not. So you can use several "community intelligences" and merge them together.