CatchPulse Features

CatchPulse policies offer various features to enhance your security measures. You can easily manage Trusted Groups and Users, Restricted Applications, Trusted Certificates, Scripts, Command Line Rules, Allow and Deny Lists, and Removable Devices with ease. You can create a default policy for your entire organization, a stricter one for sensitive departments like R&D or finance, and a more flexible one for other teams like marketing. This helps prevent potential threats and keep your devices protected.

  • Application Allowlist

    Application Allowlist enables administrators to manage which applications are permitted to execute on a system. It is a list of approved applications that are authorized to run on user's devices. Allowlisting helps to restrict the execution of unapproved applications, which prevents unauthorized access, data breaches, and other security risks.

  • Command Line Allowlist

    Command Line Allowlist enables administrators to manage the execution of command line operations on their systems.

    When a command line is added to the Command Line Allowlist, it is effectively granted permission to run. Any command line in the allowlist will not be blocked or prevented from executing. Command Line Allowlist ensures that only trusted commands are allowed to run on a system, thereby reducing the risk of unauthorized or malicious activity.

    For more information, see Manage Command Line Allowlist.

  • Command Line Rules

    Command Line Rules extend the allowlisting coverage to file-less attacks that make use of already trusted applications to infect PCs. Such attacks do not exist as a file and can remain undetected by Anti-malware programs and threaten the security of the user's system.

    For more information, see Manage Command Line Rules.

  • Exclusion

    CatchPulse automatically scans your entire computer with Cloud AV once every 24 hours and provides real-time protection against new possible threats that are saved to your PC's hard drive.

    However, you can manually exclude files and folders from being scanned. Files and folders added to the exclusion list will not be scanned by CatchPulse's offline and cloud AVs, and their contents will not be uploaded to the cloud.

    For more information, see Managing AllowLists.

  • OLE Denylist

    For more information, see Manage DenyLists.

  • Restricted Application

    In SecureAge Central, you can control the behavior of applications in CatchPulse that download, extract, or copy files from external sources.

    By default, CatchPulse trusts files with valid digital signatures, automatically designating them as trusted installers, which could unintentionally allow harmful applications to gain trust without user intervention.

    To prevent automatic trust assignment to newly created executable files, mitigate the risk by adding applications to the Restricted Applications list. This will ensure that potentially harmful applications are not unintentionally granted trust.

    For instance, Google Chrome, known for its file downloading capabilities, poses such a risk, as its signed status could lead to automatic trust designation for its executables; hence, administrators would need to add chrome.exe to the Restricted Applications List to prevent this automatic trust assignment and maintain system security.

    For more information, see Manage Restricted Application.

  • Removable Device

    As a security measure, CatchPulse users can prevent external storage devices from reading and writing to the PC. However, exceptions to this rule are possible on a per external removable storage device basis via allowlisting.

  • Scripts

    You can define which script interpreters can execute scripts on the system. A script interpreter is a program that reads and executes code. Scripts refer to executable files containing a series of commands or instructions that are interpreted and executed by a script interpreter. This security measure ensures that only trusted scripts are allowed to run in the system.

    By managing scripts, administrators can enforce security policies that dictate which scripts are permitted to run, mitigating the risk of unauthorized or malicious scripts compromising system resources or sensitive data.

  • Trusted Certificate Allowlist

    In SecureAge Central, managing trusted certificates involves maintaining a list of certificates recognized by applications, ensuring that only those added to this list are automatically trusted.

    For more information, see Extract a Trusted Certificate from a Software Package and Managing Trusted Certificate.

  • Trusted Group and Trusted User

    Trusted Groups are responsible for defining Windows groups authorized to modify allowlists and settings. On the other hand, Trusted Users specify individual Windows users who have such privileges. This feature authorizes designated personnel to add new allowlists, adjust program file trust levels, execute trusted installation software, and modify CatchPulse settings.

    You can manage Trusted Groups and Users to fine-tune access control within enterprise environments, ensuring that only specified administrators possess rights, rather than granting unrestricted access to all.

    Moreover, it is important to include essential system accounts like System, Local Service, and Network Service in Trusted Users to ensure smooth operation of Windows processes without restriction from Application Allowlisting.

    In cases where non-trusted users attempt to run Trusted Installer applications, the trust level is temporarily reduced to Trusted Application during run time. Meanwhile, CatchPulse remains in Lockdown mode for non-trusted users, preventing changes to application allowlisting modes.

More information

Support and feedback

Should you encounter any issues using the SecureAge Central with any of the mentioned or missed requirements above, you can always write to us a docs@secureage.com.

This page was last updated: September 03, 2024