|
|
|
|
|
|
by degamad
368 days ago
|
|
|
If I have an internal developer in such a scenario, then what makes most sense to me is to issue them a code-signing certificate or equivalent, and whitelisting anything signed by that certificate[1], combined with logging and periodic auditing to detect abuse. [1] <https://learn.microsoft.com/en-us/windows/security/applicati...> |
|
|