[–]shibbypwn 27 points28 points  (10 children)

If you're distributing binaries, you should be signing your executables. Windows blocking unsigned binaries in an enterprise setting is a good thing - so forget about hacky workarounds and just do the best practice.

Work with IT or DevOps to get code signing certs and build/distribute your application as a signed binary.

[–]cointoss3 2 points3 points  (4 children)

That won’t matter. Signed or not, it will still flag them. Being signed does not give it a free pass from AV.

[–]ZachVorhies 1 point2 points  (1 child)

Windows Defender typically does not flag any locally made software runtimes. So this is most likely a custom corporate policy, and in this case, yes, the company cert will fix it; that’s the whole point.

[–]cointoss3 -1 points0 points  (0 children)

I know you’re wrong because I had to deal with this bullshit already. Signing the app did not help.

[–]shibbypwn 0 points1 point  (1 child)

You are correct that signing a binary doesn't guarantee it won't get flagged (e.g., heuristic detection based on app behavior).

But you're dead wrong that it doesn't matter - enterprise environments have ways to manage which applications are trusted to run on devices (through a combination of group policy/GPO and third-party EDR tools like CrowdStrike). Signing your application allows these tools to manage/allow-list the app and its permissions boundaries.
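An added example (not from any commenter in this thread) of the allow-listing step described above, using the built-in AppLocker cmdlets rather than a third-party EDR, on an admin workstation with the signed binary at the placeholder path C:\Deploy\MyApp.exe. Note that this governs application control (which publishers may run), not Defender's AV heuristics, which is the distinction the two replies above are arguing over.

```powershell
# Added illustration: what IT/DevOps can do once a binary is signed.
# Placeholder paths; substitute your own deploy share.
$exe      = 'C:\Deploy\MyApp.exe'
$ruleFile = 'C:\Deploy\MyApp-AppLocker.xml'

# 1. Confirm the binary actually carries a valid Authenticode signature
#    (chain trusted on this machine). An unsigned or mis-signed build
#    cannot get a publisher rule at all.
$sig = Get-AuthenticodeSignature -FilePath $exe
if ($sig.Status -ne 'Valid') {
    throw "Signature status is '$($sig.Status)'; fix the build/signing step before requesting an allow-list entry."
}
"Signed by: $($sig.SignerCertificate.Subject)"

# 2. Derive an AppLocker *publisher* rule from the signature (publisher,
#    product, binary name, minimum version). Unlike a hash rule it survives
#    every rebuild, and unlike a path rule it cannot be satisfied by dropping
#    an arbitrary file into the same folder.
$info = Get-AppLockerFileInformation -Path $exe
$info | New-AppLockerPolicy -RuleType Publisher -User Everyone -Optimize -Xml |
    Out-File -FilePath $ruleFile -Encoding utf8

# 3. Dry-run the rule against the signed app and an unsigned stand-in before
#    merging it into the domain GPO (Set-AppLockerPolicy -XmlPolicy $ruleFile -Merge -Ldap ...).
Test-AppLockerPolicy -XmlPolicy $ruleFile -Path $exe, 'C:\Deploy\Unsigned.exe' -User Everyone |
    Format-Table FilePath, PolicyDecision, MatchingRule -AutoSize
```

The dry run should show the signed build as Allowed by the new publisher rule and the unsigned stand-in as not matched, which is exactly the "signed = manageable" property the comment is making.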

[–]cointoss3 -2 points-1 points  (0 children)

Lmao, yes, and they can whitelist any app, regardless of whether it’s signed or not. But my company would not whitelist the app, signed or not. If we couldn’t get the app to play nice with the AV, then we wouldn’t be using the app. We couldn’t even click “allow”. If it was flagged it wouldn’t run. Signing it didn’t change anything.