Allowing Bitglass certificates

You can either allow list the Bitglass certificate manually or automatically.

Manually

To manually allow the Bitglass certificate, you will just need the following two pieces of information:

  • Signed By: Bitglass, Inc.
  • Certificate Authority: DigiCert SHA2 Assured ID Code Signing CA
For Carbon Black, follow the steps below:
  1. In the Carbon Black management portal, navigate to Enforce > Reputation and click the orange Add button at the top right.


  2. Click on the Certs tab and then fill out the Signed By and Certificate Authority fields with the information above. Click Save at the bottom and you are done.


Automatically

To add the cert automatically, you would need to have had a device with the Forcepoint ONE SSE SmartEdge agent running so your system logs the processes/services.
  1. In the Carbon Black management portal, navigate to Investigate and select the Events tab. Search for one of the events invoked by the seproxy.exe process and click the Arrow to expand the information.


  2. You can expand the Processes tab and scroll to the bottom where you will see information about the signed cert. Click the Add button to add the cert to the approved list. A dialog window will appear to confirm your action and allow you to add comments if needed. Click Add and you are done.




    Note: Older versions of Carbon Black (3.4 and earlier) don't support allow listing via certs. To learn more about the differences between allow listing via hash, cert or IT Tools, refer to Carbon Blacks Knowledge Base on the differences.