Trusted Vendors, Internet Protection | Client Security Help

Vendor List

Click 'Settings' > 'File Rating' > 'Vendor List'

There are three ways that a file can be treated as safe in CCS:

The file is on the Comodo safe list (a global white-list of trusted software)

The user has assigned 'Trusted' rating to the file in the CCS file list (‘Settings’ > ‘File Rating’ > ‘File List’)

The file is published and signed by a trusted vendor. The 'vendor' is the software company that created the file.

With regards to vendor settings, CCS handles unknown files as follows:

The file is allowed to run normally if:

The vendor rating is 'Trusted' AND you have enabled 'Rate applications according to their vendor rating' in File Rating Settings

The file is run in the container if:

The vendor rating is 'Unrecognized' AND you have enabled 'Rate applications according to their vendor rating' in File Rating Settings

The vendor is not in the vendor list (regardless of whether you have enabled 'Rate applications according to their vendor rating')

The file is blocked and quarantined if:

The vendor rating is 'Malicious' AND you have enabled 'Rate applications according to their vendor rating' in File Rating Settings

Vendor List

CCS ships with a list of trusted vendors who have a reputation of creating legitimate, safe software. CCS allows unknown files which are digitally signed by one of these vendors to run.

Click 'Settings' > 'File Rating' > 'Vendor List' to view this list of trusted vendors.

You can also add new vendors, and change the rating of existing vendors.

The vendor rating priority is as follows:

Admin

User

Comodo

Software publishers can get themselves added to trusted vendors by contacting Comodo with their software details. Click here to read more about this.

Click here if you want to read background information on digitally signing software.

Open the 'Vendor List' interface

Click 'Settings' on the CCS home-screen

Click 'File Rating' > 'Vendor List':

The interface allows you to:

Add a new vendor to the list

View details of vendors and assign user rating

P erform an online lookup for vendors

R emove vendors from the list

Column Descriptions:

Vendor - The name of the software publisher

Rated By - The entity that assigned the rating you see in the 'Rating' column. This can be 'Administrator', 'User' or 'Comodo' rating.

Last Modified - Date and time the rating was most recently updated.

Rating - Current trust rating of the vendor. The possible values are:

Trusted

Unrecognized

Malicious

Click on the rating to assign a new rating

CCS obeys vendor ratings with the following priority:

Admin rating

User rating

Comodo rating.

There are three ways you can set a vendor rating:

1. Right-click on a vendor in the 'Vendor List'

Click 'Settings' on the CCS home-screen

Click 'File Rating' > 'Vendor List'

Right-click on a vendor > Select 'Change File Rating to' > Choose a new rating:

2. In the file rating column

Click on the rating of a vendor in the 'Rating' column

Choose a new rating from the options:

3. From the 'File Details' dialog

Select a vendor in the file list

Click the 'Vendor Details' button at the top

Click the 'Vendor Rating' tab

Click the 'Rate Now' link beside 'User'

Set the rating as required

Click 'OK'

Context Sensitive Menu

Right-click on a vendor to open a context sensitive menu that allows you to view the 'Vendor Details' dialog, assign a rating to a vendor, add / remove vendors, and more.

Add - Manually add a new vendor to the vendor list. You can select an executable file or a currently running process to add the publisher who signed that file to the list.

Vendor Details - View the information about the vendor. You can also assign user defined trust rating to the vendor

Remove - Delete the vendor from the list

Lookup... - Check details of the vendor from the master Comodo trusted vendor list

Change File Rating to - Set user defined trust rating to the vendor

Reset User Rating - Clear user rating and reinstate Comodo rating

Controls

The buttons at the top provide the following options:

Add - Manually add a new vendor to the list. You can add a vendor by simply selecting a file or a running process. CCS will extract the publisher who signed the file/process.

Vendor Details - View information about the selected vendor. You can also set your own trust rating for the vendor from here.

Remove - Delete selected vendors from the list. You can only remove user-added vendors.

Lookup... - Check details of a vendor on Comodo's online trusted vendor list

Sort, Search and Filter options

Click any column header to sort the list in order of the entries in that column

Click the search icon in the 'Vendor' column header to look for specific vendors

Click the calendar icon in the 'Last Modified' column header to filter vendors by date modified:

Click the funnel icon in the 'Rated By' / 'Rating' columns to filter vendors by trust rating, and by who assigned the rating:

Add a new vendor to the list

You can add vendors simply by browsing to a file they have digitally signed

CCS will read the vendor's signature from the file and add them to the list

You can then assign your own rating to the vendor

There are two ways to add vendors:

Specify an executable file on your local drive

Select a currently running process

Add a vendor by reading the vendor's signature from an executable

Click 'Settings' on the CCS home-screen

Click 'File Rating' > 'Vendor List'

Click the 'Add' button at the top and select 'Read from a signed executable'

Alternatively, right-click inside the vendor list and select 'Add' > 'Read from a signed executable'

Navigate to the executable file whose publisher you want to add to the vendor list and click 'Open'.

CCS checks that the .exe file is signed by the vendor and counter-signed by a Trusted CA. If so, you can add the vendor to the list by assigning your trust rating'.

Choose your rating and click 'OK'

The vendor will be added to the list with your rating

If the vendor is already on the list you will be notified:

You can assign your own rating to the existing vendor:

Choose your rating and click 'OK'

The user rating for the vendor will be assigned as you set

If CCS cannot verify that the software certificate is signed by a Trusted CA then it does not add the software vendor to the vendor list. In this case, you can see the following error message

Add a trusted vendor from a currently running process

Click 'Settings' on the CCS home-screen

Click 'File Rating' > 'Vendor List'

Click the 'Add' button at the top and select 'Read from a Running Process'

Alternatively, right-click inside the vendor list and select 'Add' > 'Read from a Running Process'

Select the signed executable that you want to trust and click the 'OK' button

Comodo Client Security performs the same certificate check as described above. If the parent application of the selected process is signed, you will be able to assign a rating and add the vendor as described above

View details of vendors and assign user rating

Click 'Settings' on the CCS home-screen

Click 'File Rating' > 'Vendor List'

Select a vendor and click the 'Vendor Details' button

Alternatively, right-click on a vendor and select 'Vendor Details'

The 'Vendor Details' dialog will open. The dialog has two tabs:

Overview

File Rating

Overview

The 'Overview' tab shows general details such as the vendor name, Comodo assigned rating, when the vendor was added and more:

Vendor Rating

The 'Vendor Rating' tab shows the vendor's current trust rating from Comodo and your admin and lets you set your own rating:

Change the user rating of the file

Select the vendor from the 'Vendor List' pane and click the 'Vendor Details' button

Click the 'Vendor Rating' tab from the 'Vendor Details' pane

Click the 'Rate Now' link beside 'User' and choose the rating from the drop-down

Click 'OK'

The trust rating of the vendor will be updated with the user rating in the 'Vendor List' interface.

You can change the rating for the vendor at anytime by following the same process

Tip: Alternatively, right click on a selected vendor, then choose 'Change File Rating to' from context sensitive menu and select the rating.

Click 'OK' in the 'Advanced Settings' interface to save your settings

Perform an online lookup for vendors

Click 'Settings' on the CCS home-screen

Click 'File Rating' > 'Vendor List'

Select vendor(s) and click the 'Look Up...' button

Alternatively right-click on a vendor and select 'Look up...'

Comodo servers will be contacted immediately to conduct a search of Comodo's trusted vendor list database to check if any information is available about the vendor in question and the results will be displayed.

Remove vendors from the list

Click 'Settings' on the CCS home-screen

Click 'File Rating' > 'Vendor List'

Select vendor(s) and click the 'Remove' button

Alternatively right-click on a vendor and select 'Remove'

Background

Many software vendors digitally sign their software with a code signing certificate. This practice helps end-users to verify:

i. Content Source: The software they are downloading and are about to install really comes from the publisher that signed it.

ii. Content Integrity: That the software they are downloading and are about to install has not be modified or corrupted since it was signed.

In short, users benefit if software is digitally signed because they know who published the software and that the code hasn't been tampered with. They know they are downloading and installing the genuine software.

The 'Vendors' that digitally sign the software to attest to it's probity are the software publishers. These are the company names you see listed in the first column in the vendor list.

However, companies can't just 'sign' their own software and expect it to be trusted. This is why each code signing certificate is counter-signed by an organization called a 'Trusted Certificate Authority'. 'Sectigo', 'Identrust' and 'Digicert' are examples of trusted CA's authorized to counter-sign 3rd party software. The counter-signature is critical to the trust process, so a CA only counter-signs a certificate after conducting strict background checks on the vendor.

If a file is signed by a vendor with 'Trusted' rating in the vendor list and the user has 'Rate applications according to their vendor rating' in the 'File rating Settings' then it will be automatically trusted by Comodo Internet Security.

One way of telling whether an executable file has been digitally signed is checking the properties of the .exe file in question. For example, the main executable for Comodo Internet Security is called 'cis.exe', which has been counter-signed by Sectigo certificate authority.

In short, users benefit if software is digitally signed because they know who published the software and that the code hasn't been tampered with. They know they are downloading and installing the genuine software.

The 'Vendors' that digitally sign their software are the software publishers. These are the company names you see listed in the vendor list.

However, companies can't just 'sign' their own software and expect it to be trusted. This is why each code signing certificate is counter-signed by an organization called a 'Certificate Authority' (CA).

'Comodo CA Limited' and 'Verisign' are two example CAs who are authorized to counter-sign 3rd party software.

The counter-signature is critical to the trust process. A CA only counter-signs a certificate after it has conducted detailed background checks on the publisher.

One of the methods of identifying whether an executable file has been digitally signed is by checking the properties of the .exe file in question.

For example, the main program executable for Comodo Client Security is called 'cis.exe' and has been digitally signed.

Browse to the (default) installation directory of Comodo Client Security.

Right click on the file cis.exe.

Select 'Properties' from the menu.

Click the tab 'Digital Signatures (if there is no such tab then the software has not been signed).

This displays the name of the CA that signed the software as shown below:

Click the 'Details' button to view certificate details. Click the 'View Certificate' button to inspect the actual code signing certificate. (see below).

It should be noted that the example above is a special case in that Comodo, as creator of 'cis.exe', is both the signer of the software and, as a trusted CA, it is also the counter-signer (see the 'Countersignatures' box). In the vast majority of cases, the signer or the certificate (the vendor) and the counter-signer (the Trusted CA) are different.

The Trusted Vendor Program for Software Developers

Software vendors can have their software added to the default 'Vendor List' with 'Trusted' status that is shipped with Comodo Client Security. This service is free of cost and is also open to vendors that have used code signing certificates from any Certificate Authority. Upon adding the software to the vendor list, CCS automatically trusts the software and does not generate any warnings or alerts on installation or use of the software.

The vendors have to apply for inclusion in the vendors list through the sign-up form at http://internetsecurity.comodo.com/trustedvendor/signup.php and make sure that the software can be downloaded by our technicians. Our technicians check whether:

The software is signed with a valid code signing certificate from a trusted CA;

The software does not contain any threats that harm a user's PC;

before adding it to the default vendor list of the next release of CCS.

More details are available at http://internetsecurity.comodo.com/trustedvendor/overview.php.

Endpoint Manager

Comodo Client Security 12.4

English

Vendor List