Software Whitelisting Program Frequently Asked Questions

book

Article ID: 162448

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

What is the Software Whitelisting Program?  This FAQ will assist you.

Resolution

What is the whitelisting program?

At Symantec we go to serious lengths to generate, and also source, clean data to assist with our false-positive prevention efforts. The whitelisting program allows Enterprise customer software developers to provide us with their software for inclusion on our internal whitelisting database. The key benefit to providing us with the software is that it reduces the risk of false positives on the software whitelisted. 

Is this whitelisting process the same as the false positive process?

No, the whitelisting process is a proactive process. Prevention is better than cure. Therefore, with whitelisting, we request that concerned customers with a current Premium contract provide us with files/software prior to releasing it.  This is intended to avoid any possible future false positive detection on any files within your software.

If you are currently experiencing a false positive detection on one or more of your files then you should use the false positive portal.

Who can take part in this proactive whitelisting process?

Symantec customers with a current BCS or PCS contract can submit their internally-developed applications.  Contact your Technical Account Manager (TAM) for details on how to take part in this program.

I have a new version of my software. Do I need to submit this new version?

Whitelisting is file specific. A new version of your software may have new files and thus new versions of the files would not be known to us. This could result in a false positive occurring on the new files. In order to mitigate this risk, we recommend submitting new versions of your software to us.

What LiveUpdate definition will my files be whitelisted in?

The whitelisting process is cloud based (Insight) and therefore the whitelist is not contained in any LiveUpdate definition that is downloaded by the products. Requests from Symantec products to the Symantec cloud about the specific file being queried will inform the product that the file has a high positive reputation.

What products are covered by whitelisting?

Any Symantec products that are cloud enabled (use Insight) are covered by our whitelisting process. This includes products such as SEP 12.1 onwards, Norton 360, Norton Internet Security and Norton Security.

What else can I do to reduce the risk of my files being flagged as a false positive?

To prevent false positive detections we strongly recommend that you digitally sign your software with a class 3 digital certificate.

Code signing from a recognized and trusted Certificate Authority provides explicit third-party confirmation of the publisher's identity. It also helps ensure the integrity of the application since it indicates that code has not been tampered with since the initial digital signature.

What does Symantec do with the data?

Once validated, the data submitted is incorporated into Symantec’s clean file database and reputation web service. This data is then used for Symantec’s internal processes to mitigate false positives and by our cloud-enabled products to exonerate any possible false positive detection on the hashes of the submitted files.

Is the data shared with third parties?

No, the data is not shared with third parties.

Do other customers have access to the data?

No, other customers do not have access to the data.

Is it possible to submit .apk files for Mobile Insight whitelisting?

No, not at this time.