In a report detailing the Russian malicious cyber activity, the Department of Homeland Security has listed Application Whitelisting as a top mitigation strategy.
The Department of Homeland Security has been a big proponent of Application Whitelisting as a top strategy to protect your systems from malware. In July of 2016 they released a report detailing the best practices to protect yourself from the ransomware epidemic. Application Whitelisting came in on their list of top mitigation strategies because it only allows specified applications to run.
Last week they released another report in combination with the FBI detailing Russian malicious cyber activity known as GRIZZLY STEPPE. The report contains a deep technical look into the activity and behavior of Russian malware. They also outline their top seven mitigation strategies, encouraging network admins to implement these recommendations. In this section, they highlight the importance of using application whitelisting as it is “one of the best security strategies”, alongside patch management and others.
“1. Patch applications and operating systems – Vulnerable applications and operating systems are the targets of most attacks. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker. Use best practices when updating software and patches by only downloading updates from authenticated vendor sites
2. Application whitelisting – Whitelisting is one of the best security strategies because it allows only specified programs to run while blocking all others, including malicious software.”
We stand with the FBI and DHS that application whitelisting is a necessary approach. This is why PC Matic’s protection is based on an automated global whitelist, allowing us to remove the work that comes with traditional application whitelisting. We only allow known good applications and block all unknowns no matter how targeted or new they are. This allows you to stay on top of the newest malware as they will never be on our whitelist and will be blocked. PC Matic also includes patch management to update your vulnerable applications automatically, allowing you to easily stay on top of vendor vulnerabilities.