What is the Proactive Whitelisting Program? This FAQ will assist you.
What is the whitelisting program?
At Broadcom we go to serious lengths to generate, and also source, clean data to assist with our false-positive prevention efforts. The whitelisting program allows Enterprise customer software developers to provide us with their software for inclusion on our internal whitelisting database. The key benefit to providing us with the software is that it reduces the risk of false positives on the software whitelisted.
Is this whitelisting process the same as the false positive process?
No, the whitelisting process is a proactive process. Prevention is better than cure. Therefore, with whitelisting, we request that concerned customers with a current Premium contract provide us with files/software prior to releasing it. This is intended to avoid any possible future false positive detection on any files within your software.
If you are currently experiencing a false positive detection on one or more of your files then you should use the False Positive portal.
Who can take part in this proactive whitelisting process?
Broadcom customers with a current premium contract for Symantec Endpoint Protection/Security product can submit their internally-developed applications. Contact your Designated Support Engineer(DSE) or Customer Service Manager (CSM) for details on how to take part in this program.
I have a new version of my software. Do I need to submit this new version?
Whitelisting is file specific. A new version of your software may have new files and thus new versions of the files would not be known to us. This could result in a false positive occurring on the new files. In order to mitigate this risk, we recommend submitting new versions of your software to us.
What LiveUpdate definition will my files be whitelisted in?
The whitelisting process is cloud based (Insight) and therefore the whitelist is not contained in any LiveUpdate definition that is downloaded by the products. Requests from Symantec products to the Symantec cloud about the specific file being queried will inform the product that the file has a high positive reputation.
What products are covered by whitelisting?
Any Broadcom/Symantec products that are cloud enabled (uses Insight) are covered by our whitelisting process. This includes products such as SEP 14.0 onwards.
What else can I do to reduce the risk of my files being flagged as a false positive?
To prevent false positive detections we strongly recommend that you digitally sign your software with a class 3 digital certificate.
Code signing from a recognized and trusted Certificate Authority provides explicit third-party confirmation of the publisher's identity. It also helps ensure the integrity of the application since it indicates that code has not been tampered with since the initial digital signature.
What does Broadcom do with the data?
Once validated, the data submitted is incorporated into Broadcom clean file database and reputation web service. This data is then used for Broadcom's internal processes to mitigate false positives and by our cloud-enabled products to exonerate any possible false positive detection on the hashes of the submitted files.
Is the data shared with third parties?
No, the data is not shared with third parties.
Do other customers have access to the data?
No, other customers do not have access to the data.
Is it possible to submit .apk files for Mobile Insight whitelisting?
No, not at this time.
Is there a Submission/file upload guidelines?
We are looking for standardization in file/FTP uploading process to speed up the white-listing process. This streamline will help us to grab files on time and process the submission at the earliest.