Create a CatchPulse policy

In the Policy Info sub-tab, enter a name for the policy. Make sure to use a name that will help in identifying this policy from the default and other policies (i.e. name of a department, company user type, privilege level, etc).

After naming the policy, you may begin pre-defining a collection of customized settings for a linked CatchPulse installation.

In the Cloud AV sub-tab, specify Full System Scan, Automatic Full System Scan, On Demand Scanning, Real-time Scanning and Daily Upload Limit settings or inherit the default setting for each.

In the Antivirus Settings sub-tab, specify a preferred AI Scan Sensitivity, Antivirus, and Real-Time Scanning settings or inherit the default setting for each.

In the Exclusions sub-tab, specify the files or folders to be excluded from scanning.

1. Type in the name of the file or folder you want to be excluded from scanning and click Add.

2. If you have more that one file and folder to add, repeat Step 1 until you've completed adding all of them into the User-defined Exclusionslist.

In the Trusted Groups sub-tab, specify the Trusted Groups who will have the rights to

• add new allowlist

• modify the trust level of each program file

• run any installation software that is trusted as an installer

  modify CatchPulse settings.

To specify the Trusted Groups:

1. In the Default Trusted Groups box, decide whether you'd like to inherit Default Trusted Groups. If you'd like to disable this setting, toggle the button beside Use Default Trusted Group to off.

2. In the User-defined Trusted Groups box, define your own Trusted Group by typing in the name of the group you'd like to trust in the textbox provided, and click Add.

3. If you have more that one Trusted Group to add, repeat Step 2 until you've completed adding all of them into the User-defined Trusted Groups list.

In the General sub-tab, specify Observation Mode,Trust based on digital signature, and Auto Adjust Trust Level or inherit the default setting for each.

In the Restricted Applications sub-tab, you can add an application to a Restricted Applications list, so that it will not automatically bring in other applications that may potentially harm the user’s system.

To add an application to a Restricted Applications list:

1. In the Default Restricted Applications box, decide whether you'd like to inherit Default Restricted Applications. If you'd like to disable this setting, toggle the button beside Use Default Restricted Application to off.

2. In the User-defined Restricted Applications box, define your own Restricted Application by typing in the name of the user you'd like to restrict in the textbox provided, and click Add.

3. If you have more that one restricted application to add, repeat Step 2 until you've completed adding all of them into the User-defined Restricted Applications list.

Only applications which have their certificate listed under the Trusted Certificate list will be trusted.

In the Trusted Certificates sub-tab, click here to add trusted certificates into a policy in CatchPulse Account Portal.

In Application Allowlisting, executing a script requires both the script interpreter (which executes the script) and the script file itself to be trusted. The script interpreter will refuse to open any non-trusted file.

If the script has a higher trust level than the script interpreter, the script interpreter trust level will match its trust level to the trust level of the script file. On the other hand, if the script has a lower trust level than the script interpreter, the script interpreter will be running at its own trust level.

To manage Script Interpreters in CatchPulse Portal Scripts sub-tab:

1. In the Default Scripts box, decide whether you'd like to inherit Default Scripts. If you'd like to disable this setting, toggle the button beside Inherit Default to off.

2. In the User-defined Scripts box, add a User-defined Script by typing in the Interpreter and Extensions in the textbox provided, and click Add.

3. If you have more that one User-defined Script to add, repeat Step 2 until you've completed adding all of them into the User-defined Script list.

Command Line Rules extend the allowlisting coverage to file-less attacks that make use of already trusted applications to infect PCs. Such attacks do not exist as a file and can remain undetected by Anti-malware programs and threaten the security of the user’s system.

This advanced feature of CatchPulse enables users to make additional rules on top of the default ones to increase the overall security of CatchPulse according to user preference and technical knowledge.

To add more Command Line Rules in CatchPulse Portal Command Line sub-tab:

1. In the Default Command Line box, decide whether you'd like to inherit Default Command Lines. If you'd like to disable this setting, toggle the button beside Inherit Default to off.

2. In the User-defined Command Line box, add a User-defined Command Line by typing the Process file name without the path and Parameter.

3. Next, select the desired Rules, Case-sensitivity preference and Action, then click Add.

4. If you have more that one User-defined Command Line to add, repeat Step 2 until you've completed adding all of them into the User-defined Command Line list.