Ask the community

Creat policy binario .exe

bruna
Partner
Partner

Is it possible to create a policy to block whatsapp .exe download?

I created but I didn't succeed in the test.

5 Replies 5
oscar
Partner
Partner

Hello @bruna ,

 

could you please share the policy config? Please share as much detail as you can.

 

 

Thanks,

Òscar

bruna
Partner
Partner

whats.jpg

bruna
Partner
Partner

i created file type whatsapp.exe but not match

EmmanuelV
New Contributor

Hi Bruna,
are you sure that Whatsapp app is still available from Whatsapp website? it seams like now it's only available in MS Store. Can't try myself as the store is blocked.
Last time i was able to download .exe, it was called WhatsAppSetup.exe

Hope it will help

jforrest
Netskope
Netskope

Hi Bruna,

 

You will need to ensure the traffic is steered and SSL decrypted before any possible controls can be applied. DLP controls based on File Profile will also require that we are detecting the activity you are applying the DLP policy on so if you are not seeing the download activity in the application events you won't be able to natively do this. Please reference this guide I wrote for WhatsApp to ensure you are steering and SSL decrypting the traffic. If you are unable to block based on the file attributes once steered and SSL Decrypted, if you are leveraging Chrome you can use the developer tools to inspection and trace the network events to identify the URL or Header attributes associated with the download to configure and block that part of the session. Alternatively, you can leverage this guide to block WhatsApp outright to avoid the potential major data exfiltration vector.

Subscribe
Top Liked Authors

In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below

Sign In