Windows

GO Endpoint Manager for Windows is a Privilege Elevation and Delegation Management (PEDM) tool for Microsoft  Windows. Our tool is fully integrated with the broader senhasegura platform to allow end users to run applications requiring adminis...

GO Endpoint Manager for Windows is composed of the following: A centralized administration module on the senhasegura platform. An agent installed on the user's workstation. There are three available applications in the custom installation pr...

 This feature allows the user to run applications with or without privilege elevation. GO Endpoint Manager Core - Execute   Info The Core application is customizable. The image displayed and the description of items may ...

This feature allows the elevation of privilege for Windows Control Panel applications . GO Endpoint Manager Core - Control Panel Execute an application in the control panel Access the user's desktop. Start Core . Click Control Pa...

Configure approver lists Access the senhasegura platform. Navigate to GO Endpoint Manager➔Settings➔Approvers. In the upper right corner, select the icon  (⁝) Show actions and after, +New. Select +Approvers. In the list of users, ch...

This feature allows the user to manage the network interfaces of the workstations.  Caution The administration of network interfaces is performed in this menu and not through the Control Panel menu. GO Endpoint Manager Core - Netwo...

This menu displays the shared network directories of the user. Credentials are used to access a directory without exposing or mapping it. GO Endpoint Manager Core - Network Sharing Configure file sharing  On Windows: Access the us...

Register an application in uninstallers Access the senhasegura platform. Create an access list rule. In the list of Uninstallers , you can register applications in allowlist or denylist. Caution Applications registered in Uninstallers - ...

Overview You can use segregated configurations for specific workstation scenarios. This feature is available at: Control of directories and files Scan of directories and files Segregated parameters access lists Commands For segregation b...

Access the GO Endpoint Manager parameter configuration through the path Grid Menu > GO Endpoint Manager > Settings > Parameters > GO Endpoint Manager .  On the screen, you will find the following information: ...

Overview To manage situations where it is necessary to manage permissions for applications, users, and workstations, GO Endpoint Manager for Windows offers denylists and allowlists. Often, the administrator does not want to allow some applications...

In this document, you will learn how to configure application access lists on PEDM GO Windows clients, both for general segregation (for all workstations) and for specific workstations. How to configure application access lists for general segrega...

Configure access lists for automation in general segregation Access the senhasegura platform. Navigate to GO Endpoint Manager➔Policies➔Windows➔Access Lists. Click View actions (⁝). Select New general segregation. Choose Automations. I...

Configure access lists for applications in general segregation Access the senhasegura platform. Navigate to GO Endpoint Manager➔Policies➔Windows➔Access Lists. Click View actions (⁝). Select New general segregation. Choose Uninstallers. ...

When the Block elevation of privilege parameter is enabled, any attempt to run an application on the access list and not performed by GO Endpoint Manager will be blocked. Even if they are not elevated of privilege. Configure the privilege elevati...

This feature allows the administrator to register configurations to control the permission of Windows files and directories. Configure directory control Access the senhasegura platform. Go to GO Endpoint Manager ➔ Policies ➔ Windows ➔ Direct...

GO Endpoint Manager for Windows offers a DLL blocking function, which occurs when an executable attempts to load the process. Feature availability ✖3.26 and older versions        ✔3.27 and later versions Register an untru...

The trusted directory is a way of registering a path with DLLs to be ignored while blocking an allowlist or denylist if the parameter Enable DLL analysis? is active. That way, all DLLs in that directory will override any rule limiting them. Registe...

This feature allows you to choose a credential in your access group to perform the elevation. Impersonation eliminates any need to use the selected credential password in the process, preventing password leaks. Caution The credential must exist ...

GO Shell is a GO Endpoint Manager for Windows feature that allows the administrator to manage the execution of only previously allowed commands, thus having greater control over the use and security of the environment. Configure GO Shell Go to th...

Just-in-Time (JIT)  access allows users to elevate privileges as system administrators. So when JIT is active, the user will appear in the Administrators group. Configure JIT access Access the senhasegura platform. Go to the menu GO Endpo...

Overview GO Endpoint Manager for Windows provides credential queries in offline mode. When GO Endpoint Manager tries to establish a connection with the senhasegura platform and fails three times, it activates the offline mode automatically. There i...

Overview If the setting Enable multifactor authentication on login is enabled in the parameters screen, and the linked user has an MFA token configured in senhasegura, that user either logs into the workstation or accesses the workstation via RDP...

Configure access lists for applications in general segregation Access the senhasegura platform. Navigate to GO Endpoint Manager➔Policies➔Windows➔Access Lists. Click View actions (⁝). Select New general segregation. Choose Applications ...

Single Sign-On (SSO) is an authentication mode that allows you to do a single sign-on. Configure SSO Access the senhasegura platform. Go to GO Endpoint Manager ➔ Settings ➔ Parameters ➔ go Windows . Choose the Authentication section. Check ...

This feature allows the administrator to register configurations to scan directories and files to monitor inclusions, changes, and exclusions made by a user. Create general or workstation rules Access the senhasegura platform. Go to GO Endpoin...

Network blocking hinders scenarios where users try to access an IP other than the senhasegura platform. This parameter closes the session as soon as it starts. Block network access Access the senhasegura platform. Go to  GO Endpoint Manager...

GO Endpoint Manager integrates with UAC authentication in cases where an application needs to elevate the privilege on demand. In these cases, besides the Windows authentication options, the GO Endpoint Manager logo will be displayed. You must type...

You can update the GO Endpoint Manager para Windows version by the senhasegura server. A New version verification is performed every time the workstation application is started.   Configure automatic update Step (1/4) — Get the installer G...

The GO Endpoint Manager agent for Windows allows certain users to be monitored by video during the entire session. Go Agent Recording Rules The agent's recording logic for applications executed using the Go Agent is influenced by access list r...

Malware analysis is a feature of GO Endpoint Manager for Windows that allows you to evaluate binaries for which the user requests elevation of privilege. For the analysis, the binary will be forwarded to the Virus Total online service and evaluate...

Applications and uninstallers report This report shows all applications automatically mapped by GO Endpoint Manager services or executed. There is a list of all application uninstallers identified on workstations. As they are also applications, the...

Any application launched with the PEDM GO Endpoint Manager client is considered, in the operating system, as a parent process and, therefore, can have child processes. This document explains how the PEDM GO Endpoint Manager client processes ar...

What happens if the enable credentials flag is disabled in the GO parameters and the client has started? A message stating that the user cannot use credentials will appear, and the client will be shut down. What happens if I disable all flags f...