Need to proactively import file hash for containment

Our company writes our own EMR software, and we manage a number of urgent care clinics which use this software in addition to the Comodo Security Suite. I need to have a way of importing the SHA1 hash for the updated program executable BEFORE we do a program release. I realize we could approve it in testing if we had a test system set up with the security software installed, but it would be nice to be able to import a rule before we release our updated exe.

There is an ‘import/export’ option, but I only see ‘Export’ as being available under ‘Application Control.’ Should we submit our files for analysis to Comodo somehow - is that a thing?

It would be really nice to be able to utilize an API to automatically add these as they become available on our side.

Just not sure how to approach this…thank you!

You want to do this so that your executable is not picked up and auto-contained?

Hi @maximillianx

While we have captured your feature request, I would like to explain a few more approaches that might help you as of today.

  1. If you use a code signing certificate and get validated as a trusted vendor, your releases would be automatically trusted by everyone around the world without the need for any further action.
  2. You can upload these files to Valkyrie from the web portal (or we can share APIs) to get these analysed and verdicted before they run on any of your endpoints.
  3. You already mentioned this, but you can run this on one machine and get the records to ITSM, then provide an admin rating on ITSM.
  4. If the output files are in a specific format, you can create a file group with well-crafted definitions and exclude this file group on your profiles.

Please get in touch with us if you need any further data about these methods.

Best regards,
Ilker

Regarding

  1. do you mean trusted with you, or trusted in general in that we have a signed file?
  2. can you elaborate on this process with Valkyrie?
  3. the file falls into the user’s appdata folder (it’s a clickonce application, so it’s buried deep within the apps\2.0 folder structure).

It would be nice if we could simply trust the publisher via a rule of some kind.

Hi @maximillianx re point 1, please take a look at this webpage too https://www.comodo.com/home/internet-security/trustedvendor/signup.php

Thanks for this! I’ve applied for the Trusted Vendor Signup program so hopefully that will help us out. I logged into Valkyrie as well - how long does it normally take for a file to be approved on that list?

Hi maximillianx

Valkyrie provides the results in a maximum of 4 hours. I’ll check your Trusted Vendor Signup request as well.

Hi @maximillianx

Valkyrie has two components: AI-based automated analysis, which is completed in around 45 seconds, and human expert analysis, which has a target of 4 hours of operation.

In 95% of the cases, Valkyrie will determine the verdict with only automated analysis, so you will see the results in around 45 seconds. In 5% of the cases, we see the need for human expert analysis, and it might take up to 4 hours to get the final verdict.

Best regards,
Ilker

Thank you!

Hey faith, can you check on our signup submission?

@maximillianx , can you please provide me the details of your submission? I couldn’t find it. Feel free to respond with the details to the private message I sent to you.

Thanks.

This generally should be in a FAQ somewhere, I see this come up all the time with things like customized OpenVPN installers and such. Good to know you can simply submit it to Valkyrie or run it on one computer, then whitelist it.

Agreed. We’ll prepare such a page and publish it. I’ll then inform you here as well.

As an update, I am now signed up with the trusted publisher site - thanks so much faith! We have a new beta release coming out soon, so I will keep my eyes peeled for any issues.

I’m happy to hear this. Please inform me just before the beta release, I’ll keep a close eye on it.