Watchman Monitoring signs the code contained with in the Monitoring Client. This article details what code signing and whitelisting means to you, and addressing validation and whitelisting of the Monitoring Client.
Code-signing is the standardized process of using public key infrastructure (PKI) to digitally sign compiled code to ensure a trusted origin, and that the deployed code has not been modified. It is intended to provide a guarantee that the code you are installing does, indeed, come from who it says it comes (Watchman Monitoring) and that it is bona fide.
Whitelisting with Santa
santactl fileinfo /Library/MonitoringClient/Utilities/ContactMenu.app --key "Signing Chain" santactl rule --whitelist --certificate --sha256 ###hash###