Palo Alto Networks regularly reviews and makes
changes to the list of trusted signers and makes the list available
with the default security policy. Any updates to the list of trusted
signers are made available with content updates that you can obtain
from the Support portal (for more information,
Updates). You can also define your own trusted signers from
the ESM Console. For Windows signers, adding a trusted signer adds
the signer to the list of highly trusted signers. Traps evaluates
trusted signers according to the Malware Protection Flow.
To view and configure
trusted signers, your role must have the
To whitelist a trusted signer:
Select the platform,
Select the action menu, and
Enter the name of the trusted signer.
) Specify the SHA1 hash of the certificate
that signs the file.
To identify the hash for a certificate that signs a file,
review the local agent logs after a file runs on the endpoint: