How to Add Applications to Securden EPM?

Once the computers are added to Securden EPM and the agents are deployed on all domain and non-domain endpoints, adding the applications that are used by employees is the next step.

Securden provides three ways to add applications to the repository.

• Automatic Discovery by Agent

• Manually Adding Individual Applications

• Import from Applocker

The Agent will automatically discover applications that are run with elevated permissions and add them to the Securden repository. The agent will be able to observe and fetch applications in learning and operational mode. If the agent is in idle mode, it would not fetch any applications from the endpoints.

Administrators can manually add applications to the repository through two methods. They can define the application attributes explicitly or import applications from Applocker.

How to Import Applications from Applocker into Securden EPM?

If you utilize the AppLocker tool to allow or deny applications from running, you can import the applications and policies in Securden. You can import from Applocker by navigating to Applications >> Add >> Import from Applocker.

By default, Securden only imports the applications that form the policy.

Import Policies

To import the allow or deny policy, select the corresponding checkbox during import. Once enabled, control policies will be created - 'Allowlist' for allowed applications and 'Blocklist' for denied applications.

Allow Duplicate Applications\Policies to be imported

If there are duplicate applications or policies, if 'Import Policies' is checked, you can choose to only import them once. Select the corresponding checkbox during import.

How to Manually Add Applications to Securden EPM?

To add applications manually navigate to Applications >> Add >> Add Application.

1) In the window that opens, you need to specify the name of the application and provide a description for the same.

2) Specify the application type based on the operating system of the application.

3) Applications can be identified using different attributes. These include

1. Digital Signature

2. File Path

3. Folder Path

4. Original File Name

5. File Name

6. File Hash Value (SHA-256)

7. Signature Thumbprint

8. Publisher's Name

9. Product Name

10. File Version

You need to specify the attribute type and its corresponding value as the criterion for identifying the application.

4) You can define multiple attributes which Securden uses as the criteria for identifying the application on the endpoints through the agent. You need to add attributes and their corresponding value by clicking on the plus button.

5) Optionally, you can create exceptions for importing applications in a similar manner to defining the application attributes.

Let us discuss this with an example of importing the application named Photoshop published by Adobe. We don’t want to import Photoshop versions 24.0.1 and below.

Here, we would use two attributes to define the application.

1) Original File Name -> Adobe Photoshop

2) Publisher Name -> Adobe Inc.

Here, the applications will be imported if they satisfy both the conditions.

To prevent the import of versions 24.0.1 and below, we can create an exception using the version attribute.

1) Choose the attribute as File Version.

2) Select the Value as Lesser Than and provide the Value as 24.0.2.

Now, all applications satisfy all the conditions.

How to Organize Applications into Groups?

Applications can be added to a group by navigating to Application Groups >> Add.

1) Provide a name and description of the application group.

2) Add the required applications by either searching or selecting the application from the dropdown.

3) To search the application, you can define the attributes and the value.

Once the applications are added, click Save.

How to Create Control Policies from the Applications Tab

You can select the applications for which a control policy must exist. You have the option to create a new policy or add the selected applications to an existing policy.

To create a new control policy,

1) Select the required applications and go to More Actions >> Create Control Policy.

2) In this window, select the operating system for which the policy is being created.

3) Provide a name and description for this policy.

4) Select the level of permissions granted through the policy.

1. For Windows, you have the option to grant Local Admin, Domain Admin, System privileges, and create an allowlist or blocklist.

2. For Mac, you have the option to grant Local Admin, System privileges, create allowlists and blocklists, and grant or deny SUDO privileges.

3. For Linux, you can grant or deny SUDO privileges for commands. '

5) Once the level of permissions is defined, you can associate the selected applications with specific computers/computer groups and users/usergroups.

To add the applications to an existing policy,

1. Select the required applications and go to More Actions >> Add to Existing Policy.

2. Select the operating system type of the desired policy.

3. Search and select the policy from the list of applicable policies.

4. Once the policy is selected, click Save.

The same can be done from the Application Groups window as well.

Frequently Asked Questions

How to Delete Applications in Securden EPM?

You can delete an application by clicking the bin icon. If you want to delete multiple applications in one go, you can select the required applications and then click on Delete.

How to Edit Applications in Securden EPM?

You can edit application attributes one at a time. Click on the pen icon and change the attributes. Click Save to save the changes.

How to View the List of Policies Associated with an Application?

The list of all policies governing the application can be viewed by clicking on View Report icon against each application.

How to Filter the Application Lists?

You can filter applications based on application types, status of applications, and certain advanced filters.