Author Topic: Monitor the Windows Certificate Store and alert on attempted certificate install (Read 37740 times)

Adam Bottjen · « **on:** December 20, 2018, 04:21:17 AM »

I was listening to security now last week and Steve Gibson was talking about how Windows should be monitoring the certificate store and alert a user if an application wants to install a new certificate. I was thinking that might be a great feature for secureaplus if it's possible.

hendy · « **Reply #1 on:** December 20, 2018, 09:01:02 AM »

SecureAPlus has a different certificate list. The default setting for SecureAPlus is to trust the certificates that are in its trusted certificate list, which is different list from Microsoft Certificate store.

Therefore, even though a program is signed using a certificate that is trusted by Microsoft Certificate store, but if the certificate is not in the SecureAPlus trusted certificate list, SecureAPlus will block it from running.

To tighten the security measures, we can even turn off the "Trust based on Digital Signature". This means that the program will be trusted by the hash only. In this setting, regardless whether the program is signed, it will not be trusted, until it is approved to run.

warwagon · « **Reply #2 on:** December 23, 2018, 05:59:22 AM »

Yes, which is why I recommended it as a feature they should add.

Author Topic: Monitor the Windows Certificate Store and alert on attempted certificate install (Read 37740 times)

Adam Bottjen

Monitor the Windows Certificate Store and alert on attempted certificate install

hendy

Re: Monitor the Windows Certificate Store and alert on attempted certificate install

warwagon

Re: Monitor the Windows Certificate Store and alert on attempted certificate install