https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4532802#M6609 <P>thank you very much.&nbsp; MY assumption was this as it is built on IE 11 architecture for a third party software for automotive techs&nbsp;</P> Mon, 17 Jan 2022 17:10:54 GMT cheivilin 2022-01-17T17:10:54Z https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4529543#M6586 <P>I am newer to the Secure Endpoint Product and cannot find int he user guide or our current documentation for a warn trusted cert.&nbsp; I am assuming with the amount of software etc that is out there this could be a pretty normal occurrence and to keep an eye on this.&nbsp; But wanted to get a objective opinion.</P><P>&nbsp;</P><P>this is what i see with the device trajectory of the event:</P><P>File signed by Wavesor Software with certificate serial 04e41f85c676a21263778bd92dfbbbb8 from DigiCert EV Code Signing CA (SHA2). Expires 23:59:59, Wed Jan 25 2023 UTC. the certificate was warn trusted</P> Tue, 11 Jan 2022 15:20:54 GMT https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4529543#M6586 cheivilin 2022-01-11T15:20:54Z https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4530210#M6587 <P>Hello&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1297940">@cheivilin</a>&nbsp;,<BR />just wanted to check if I understood your question right. You want to configure some kind of rule which gives you an alert if a file with a specific certificate has been seen, right?<BR />Greetings, Thorsten</P> Wed, 12 Jan 2022 13:54:12 GMT https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4530210#M6587 Troja007 2022-01-12T13:54:12Z https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4530914#M6590 <P>NO i am trying to figure out if "warn trusted" is something i should be concerned with.</P> Thu, 13 Jan 2022 15:13:56 GMT https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4530914#M6590 lajolla95 2022-01-13T15:13:56Z https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4531554#M6595 <P>Hello&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/837797">@lajolla95</a>&nbsp;,<BR />a certificate issue does not outline if there is a threat active on an endpoint. Even legitimate older software is signed with an outdated certificate. What type of events are shown for the particular endpoint? Is there an Inbox instance raised? What is the disposition of the file hash? Any insights from Threat Response?&nbsp;</P> <P>There are many options in Secure Endpoint showing you if there is something wrong with the endpoint, in addition to the Certificate information.<BR />Greetings,<BR />Thorsten</P> Fri, 14 Jan 2022 13:29:12 GMT https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4531554#M6595 Troja007 2022-01-14T13:29:12Z https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4531775#M6599 It means there was a cert warning but either the software overrode it, or a user ok'd it.<BR />Wavesor is a maker of the Wave Browser... you'll want to get that off the machine.<BR /><BR /><BR /> Fri, 14 Jan 2022 19:20:34 GMT https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4531775#M6599 Ken Stieers 2022-01-14T19:20:34Z https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4532800#M6608 <P>thank you</P> Mon, 17 Jan 2022 17:09:56 GMT https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4532800#M6608 cheivilin 2022-01-17T17:09:56Z https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4532802#M6609 <P>thank you very much.&nbsp; MY assumption was this as it is built on IE 11 architecture for a third party software for automotive techs&nbsp;</P> Mon, 17 Jan 2022 17:10:54 GMT https://community.cisco.com/t5/endpoint-security/secure-endpoint-warn-trusted/m-p/4532802#M6609 cheivilin 2022-01-17T17:10:54Z