Author Topic: Application Whitelisting : Quickly Deploy the Most Secure Application Whitelisti  (Read 583 times)

Offline jasonX

  • Most Valuable Member
  • Youngling
  • *
  • Posts: 38
    • View Profile
Application Whitelisting : Quickly Deploy the Most Secure Application Whitelisting

Application Whitelisting has been around and in use in the security world for quite a long time. For those who may not already be familiar with AWL, it is, the opposite approach to blacklisting. Everyone is definitely familiar with blacklisting which of course is checking evvery file if it appears to be malicious, and if so, it is blocked from executing period! Thus damage is prevented.

The opposite approach is AWL -- Application whitelisting. By default will deny the execution of any application that has not previously been explicitly approved as “known to not be malicious”. The “default deny” method can effectively offer more security than traditional method of blacklisting offered by traditional AV's the biggest of whihc is that it will prevent malicious code like “zero-day” attacks, which the antivirus blacklist databases does not recognize because of it's zero-day release.

Read on below for digitalguardian.com's take on Application Whilelisting alongside with other pertinent and useful information and links.



Quote
Application whitelisting adds a critical layer of defense against evolving threats such as zero-day attacks that endpoint anti-malware frequently fail to detect. But most of today’s whitelisting products are too difficult to deploy, time-consuming to manage, and reliant on a centralized database. Our application whitelisting is easy to deploy, transparent to existing operations, and the most secure application whitelisting for Retail POS systems and industrial control systems.

Quote
There is no silver bullet in information security, but if managed correctly application whitelisting solutions at the endpoint provide exceptional protection from zero day and targeted attacks.
- The Power of Whitelisting, Neil MacDonald, Gartner

Deploy Application Whitelisting in Minutes

Our agents install in minutes and begin protecting endpoint systems immediately. Our software doesn’t require you to determine in advance which applications and libraries are required by each user. Once installed the Digital Guardian’s application whitelisting agent automatically creates a unique whitelist that determines what executables are permitted to run on that device.

Block Unknown and Unauthorized Executables on Workstations, Servers, POS Devices, and Industrial Controls

Our agent prevents new unauthorized applications from being installed. Upon confirmation of the approved whitelist, execution of any unauthorized application will be blocked, whether malicious applications (such as viruses, Trojans, or Bots) or unwanted/unknown applications. It is proven in the most critical environments such as Retail POS and industrial control systems.

Automate Application Whitelisting Management

Through the designation of trusted agents, our software enables you to use your normal methods for patching, updating, and installing software without having to explicitly look at or manage a whitelist. This trusted agent feature allows organizations to efficiently keep all authorized applications on endpoints updated and patched without requiring any additional intervention by the end user or IT.

Prevent Unauthorized Changes to Applications & Executables

These agents block any attempts at unauthorized additions, deletions, or modifications and log both authorized changes and unauthorized attempts.

Source HERE

Tech Overview on Application Whitelisting HERE

DG_AppWhitelisting_Datasheet HERE

Ten Common Misconceptions about Application Whitelisting HERE

NIST Publicaion on Application Whitelisting HERE

Application Whitelisting Trifold HERE

Using SRP

Application Whitelisting: Panacea or Propaganda? from the SANS Institute HERE