What are Trusted Groups and Trusted Users

For Application Allowlisting, CatchPulse makes use of Trusted Groups and Users who will have the rights to:

  • add new allowlist

  • modify the trust level of each program file

  • run any installation software that is trusted as an installer

  • modify CatchPulse settings.

By default, Administrators is the default trusted group who are allowed to do anything on Windows. Likewise for CatchPulse which will work on every Windows machine. For enterprise user with several administrators, you can add specific administrators to the Trusted Users and remove Administrators from the Trusted Groups. This is to only give rights to specific administrators instead of all the administrators.

One user can belong to a certain group or it can belong to multiple groups.

For example, admin belongs to Administrators and Users group. Sarah and Sophie each belong to Administrators and Users group respectively.

As shown under the Trusted Groups tab, these are the default groups created by Windows.

As shown under the Trusted Users tab, you may specify the Windows users to have rights to modify the allowlist and settings by entering the Windows User ID.

  • For Windows to boot up and run all the operating system files, it will log on as the System account in the background. Likewise, for Local Service and Network Service accounts, Windows have to use these accounts to perform some operating system tasks such as Windows Update. Therefore, all these 3 accounts have to be found in the Trusted Users list so as to allow Windows to add new allowlist and perform their tasks as per normal without being blocked by Application Allowlisting.

Note that when non-trusted user account tries to execute a Trusted Installer application, the trust level will be automatically downgraded to Trusted Application during run-time (not permanent).

In addition, for non-trusted users, their CatchPulse is always in Lockdown mode and they do not have permission to change the application allowlisting modes.


Support and feedback

Should you encounter any issues using CatchPulse with any of the mentioned or missed requirements above, you can write to us a docs@secureage.com.


This page was last updated: December 26, 2023