Looking for information regarding the catalog

grmorgan618 · October 30, 2018, 05:16:42 AM

I was approached the other day regarding the use of your catalog with a security question, since the person asking is my director - i sort of need to provide an answer

How does Patch My PC ensure that the content you distribute has not been compromised?
Is the hash of the binary downloaded from the vendor verified before the package is created and made available OR does the publishing service download the files directly from the vendor during acquisition?

The concern is around virus or malware making it into your process and then distribute it under our code signing cert to our endpoints.

In your response, please any links you have to virus scaning, hash validation, etc that is part of your creation and distribution process prior to enabling customer consumption of a patch.

Thanks!

Justin Chalfant (Patch My PC) · October 30, 2018, 08:03:49 AM

Hey!

Let me know if this helps https://patchmypc.com/deep-dive-into-security-validation-of-third-party-software-updates-in-microsoft-sccm

grmorgan618 · October 30, 2018, 08:05:42 AM

Awesome - this is exactly what i needed!

Looking for information regarding the catalog

grmorgan618

Justin Chalfant (Patch My PC)

grmorgan618