Advance Policy for Applications

the advanced policy aims to cover desired edge cases and exceptions for system administrators when a policy in the application catalog is configured it's generic and applies to all the selected endpoints; however, with the help of advanced policies, system admins can configure different policies for users or users for selected devices to add an advanced policy user clicks on the +add upon clicking the add button, kron pam will display a 6 step menu to configure an advanced policy in the first step, the user is expected to name the advanced policy and select the targeted user or user group this policy will be applied to selected users or user groups the second step is to input application info; currently, users can configure policies based on application names and application hashes users can input an application manually, or if the agent has already discovered the application, it can be selected from the dropdown menu when an application is selected, the kron pam will also offer to select the discovered application's hash from the discovered endpoint selecting a hash along with the application will enforce more protection, but if the application is updated or altered in a malicious way, since its hash will also change agent will prevent the execution of that application while selecting these attributes, users can also decide the match type, which could be configured in 3 ways the application name can be an exact match, it could contain the given text, or it can be a regular expression in the 3rd step user will be configuring the policy action, whether this application is expected to be allowed, blocked, or elevated based on this selection flow the next step will be changed