OpenSSL Sign Code is a tooling integration. Tooling Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.
The Dropzone platform is able to use OpenSSL Sign Code to determine if an excutable has a valid cryptographic signature, and by whom it was signed. Invalid signatures, or signatures by known bad or untrusted parties are typically malicious indicators.
Enable OpenSSL Sign Code
The OpenSSL Sign Code Data Source integration does not require any API keys or credentials.
To enable the Data Source integration, do the following:
Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app
In the bottom left hand corner, click Settings > Integrations
Integrations Dropdown
Click "Provided"
Click Provided
In the Search bar, search OpenSSL Sign Code, then click the kebab on the right
Select OpenSSl Sign Code
Click "Enable data source" to enable OpenSSL Sign Code
Enable data source
If you have any errors engage your Dropzone AI support representative.
