Application whitelisting provides the final piece to the endpoint security solution puzzle.
When trying to battle today’s cyber criminals, PC users must always be on the defense. This includes consistently trying to anticipate the hacker’s next move. This can be incredibly difficult. What if there was a security solution that did that for you?
Application whitelisting provides advanced protection against cyber threats by implementing a list of all known trusted programs and only allowing said programs to execute. If you try to run a program that has not been tested and deemed “trusted”, the program will not execute. This seems logical, right? However, very few security solutions actually include application whitelisting as a piece of their security solution.
Why isn’t everyone doing it?
If application whitelisting is truly the answer to win the ransomware war, why isn’t everyone implementing such logic? There are two issues that come up.
First, overhead time for IT administrators. Unless the whitelist is automated, it creates a major list of “to do’s” for IT admins, turning them off from the idea of such protection. However, as stated, if the application whitelist feature is automated, this completely removes the need for consistent monitoring by IT admins; therefore, it doesn’t hinder their daily productivity.
Second, is the potential for false positives, meaning a good file is deemed unsafe because it hasn’t been tested and determined as a trusted application. Using application whitelisting, false positives are going to happen. However, there are different ways to work around it. First the security solution offers users the ability to whitelist their own applications without being tested by malware research teams. This is not encouraged. If time is on your side, you can wait for the malware research team to test the program and properly categorize it as trusted, or as malware. This is testing is completed within 24 hours of attempting to execute an unknown file.
PC Matic offers a global automated whitelist solution. Also, any applications that are blocked from executing because of unknown safety, will be tested by the PC Matic malware research team and categorized within 24 hours of attempted execution.
CSO Online’s Kacy Zurkus, recently wrote an article on application whitelisting as a security solution. In which, Vice President of Cyber Security, Dodi Glenn, provided expert advice on the solution. Read the full article here.