Documentation Index

Fetch the complete documentation index at: https://docs.senhasegura.io/llms.txt

Use this file to discover all available pages before exploring further.

How to create/edit an application denylist in EPM macOS

Prev Next

This guide provides instructions on how to block applications in EPM macOS using a denylist.

Access path

  1. On Segura® Platform, go to the Products menu and access EPM > Policies > macOS > Access Policies.
  2. Click Add and, in the Segregation screen, choose the scope: General, Device, or Users.

General tab

  1. Fill in the fields:
    • Category*: Applications.
    • Name*: define a representative name (e.g., Block Browser X).
    • Status*: Active.
    • Action*: Denylist.
  2. Click Continue.

Applications tab

Applications tab

  1. (Optional) Record the session of these applications*: Active/Inactive.
  2. In Strategy, choose how the criteria will be evaluated:
    • Require any criteria: the policy will be applied if any of the criteria are met.
    • Require all criteria: the policy will be applied only if all the criteria are met.
  3. Add rules based on the following attributes:
    • Application Name: the name of the application you want to allow or block.
    • Package Identifier: the unique identifier of the application package.
    • Code Signature: the digital signature of the application, used to verify authenticity and integrity.
    • Installation Path: the full path in the file system to the application’s executable.
    • Developer Identity: the developer or organization that signed the application.
    • Version: the specific version of the application you want to allow or block.
    • SHA256 Executable Hash: SHA-256 hash of the executable, used to verify file integrity.
    • SHA512 Executable Hash: SHA-512 hash of the executable, used to verify file integrity.
    • Executable Name: the name of the executable file; may optionally include arguments to target specific executions.
    • Application Category: the category/type of the app (e.g., Productivity, Games, Entertainment).
    • User: the local account under which the application runs.
    • Arguments: command-line parameters required or expected during the app execution.
Info

Using regular expressions (Regex): For text-based criteria such as Installation Path, Executable Name, or Arguments, it is possible to use regular expressions in the PCRE2 standard within the Rule field.
This allows you to create flexible patterns to cover different application scenarios.

  1. Use the Add button to register each criterion individually.
  2. Click Continue.

Workflow tab

Not applicable. The Workflow tab is not displayed when Action = Denylist.

The Denylist blocks common execution of the application and does not involve an approval workflow.

Review tab

  1. Review the summary of General and Applications.
  2. Click Save.
Digital sovereignty is a fundamental right for citizens, institutions, and society. That’s why we work every day.
Connect With Us
SEGURA
LEARN
EXPLORE
Copyright © Segura. All Rights Reserved