Skip to content

Commit

Permalink
Signature option available for macOS Trusted Apps conditions
Browse files Browse the repository at this point in the history
  • Loading branch information
natasha-moore-elastic authored and benironside committed Nov 19, 2024
1 parent 643b772 commit f01a0a9
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion docs/management/admin/trusted-apps.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ To add a trusted application:
* `Field`: Select a field to identify the trusted application:
** `Hash`: The MD5, SHA-1, or SHA-256 hash value of the application's executable.
** `Path`: The full file path of the application's executable.
** `Signature`: (Windows only) The name of the application's digital signer.
** `Signature`: (Windows and macOS only) The name of the application's digital signer.
+
TIP: To find the signer's name for an application, go to *Kibana* -> *Discover* and query the process name of the application's executable (for example, `process.name : "mctray.exe"` for a McAfee security binary). Then, search the results for the `process.code_signature.subject_name` field, which contains the signer's name (for example, `McAfee, Inc.`).

Expand Down
2 changes: 1 addition & 1 deletion docs/serverless/edr-manage/trusted-apps-ov.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ To add a trusted application:
+
*** `Hash`: The MD5, SHA-1, or SHA-256 hash value of the application's executable.
*** `Path`: The full file path of the application's executable.
*** `Signature`: (Windows only) The name of the application's digital signer.
*** `Signature`: (Windows and macOS only) The name of the application's digital signer.
+
[TIP]
====
Expand Down

0 comments on commit f01a0a9

Please sign in to comment.