ThreatLocker

This forum is for programmers who have questions about the source code.
Post Reply
SurgeTechAK
Posts: 1
Joined: Mon Nov 15, 2021 11:35 am

ThreatLocker

Post by SurgeTechAK » Mon Nov 15, 2021 12:05 pm

Anyone using ThreatLocker ?

It appears as though the hash changes for the Open Dental executable on a regular basis with updates, etc. Same goes with the updatefilecopier.exe.

Does Open Dental keep an updated list of hash information so I.T. support can update ThreatLocker rules prior to an update or does the hash on these files consistently change for some reason? We are running in to issues with ThreatLocker constantly requiring an approval request after Open Dental is shut down and re-started and based on our audits the hash changes on the executables which is what is causing this issue.

For Open Dental Developers - Any chance you could contact ThreatLocker and work with them to catalog your file updates so we can automatically be updated with ThreatLocker exclusions?

Thanks :)

User avatar
jordansparks
Site Admin
Posts: 5739
Joined: Sun Jun 17, 2007 3:59 pm
Location: Salem, Oregon
Contact:

Re: ThreatLocker

Post by jordansparks » Mon Nov 15, 2021 12:50 pm

Let's talk for a moment about how whitelisting works when using Windows Security Policy instead of ThreatLocker. In Windows, you can specify a path, a certificate, or a hash. Both path and certificate would allow Open Dental to run, and only the hash would block our updates. I tried to look for something similar in ThreatLocker, but they don't have any documentation online, so I sort of hit a brick wall. But it certainly seems reasonable that they would allow a rule based on our certificate.

Oh wait. I found it.
https://threatlocker.kb.help/trusting-a ... rtificate/
Jordan Sparks, DMD
http://www.opendental.com

Post Reply