DeepLにて
これって、Windowsプラットフォームで社内CAでコードサイニングしてる場合、デジタル証明書単位でマルウエアチェックをホワイトリストできるってことかな?
これまでは、一つ一つハッシュ値をホワイトしてたんだろうな・・・アップデート時に死んでたとかかな?
信頼できる証明書の検出の例外: Deep Security Manager (バージョン 20.0.560 以降) では、電子証明書に基づいてマルウェア対策スキャンからファイルを除外するために、[ポリシーの詳細とマルウェア対策と詳細] タブから [信頼できる証明書の検出の例外] を設定することができるようになりました。この機能は、現在、Windowsプラットフォーム上のDeep Security Agentバージョン20.0.0-3445+のみサポートされています。
Deep Security Manager - 20.0.560 (20 LTS Update 2021-12-16)
Deep Security Manager - 20.0.560 (20 LTS Update 2021-12-16)
Release date: December 16, 2021
Build number: 20.0.560New Features
- Trusted Certificates Detection Exceptions: Deep Security Manager (version 20.0.560+) now allows you to configure "Trusted Certificates Detection Exceptions" (from a policy's Details & Anti-Malware & Advanced tab) to exclude files from Anti-Malware scanning based on their digital certificate. This feature is currently supported for Deep Security Agent version 20.0.0-3445+ on Windows platforms only.
Resolved issues
- Deep Security Manager was sending suspicious objects to Deep Security Agent even after the objects' expire time had ended. DS-67917
- Deep Security Manager was not displaying virtual machines that had been upgraded to VMware Cloud Director 10.3 or 10.3.1, even though they were still connected. SEG-123585/SF04968350/DS-67513
What's new in Deep Security Manager? | Deep SecuritySecurity updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DS-68162/DS-65579
- Highest CVSS: 7.5
- Highest severity: High
