The Application Whitelist — Why it Matters When it Comes to Modern Threats

Fighting Today’s Cyber Security Threats

As modern cyber security threats continue to advance, keeping your data safe becomes more and more difficult.  Especially for PC users who choose to keep their data secure by using an outdated anti-virus (AV).  The term outdated means two things.  The software may not be updated in regards to patch management.  Or, the AV could be functioning with outdated detection methods.

AV solutions functioning primarily from a blacklist are outdated.  A blacklist is a list of all the known malware.  If a user attempts to execute a file that is known to be malicious, the blacklist will block it.  However, if the file is unknown, meaning it could be bad or it could be good, the blacklist lets it through.  This method is no longer effective.  Malware changes every day, even every minute.  It is impossible for anyone to keep up with all of the known bad files.  Often times, security providers do not know if something is bad until it has already infected someone.  Therefore, there is always a victim.

The Whitelist – Changing PC Protection Options

By using a security solution that functions from a whitelist, the risk of malware infections dramatically decreases.  The whitelist is a list of all known good files.  Therefore, if the user attempts to execute a known bad file it will be blocked because it is not on the whitelist.  More importantly, if they attempt to run an unknown file, it will not execute until it can be tested and deemed safe.  However, this may lead to concerns for some users.  Such as how long do they have to wait for the program or file to be tested.  That depends on their security solution.  PC Matic offers two options:

  1. The user has the ability to locally whitelist the program/file.  If they have used the program and know it is safe, they can bypass the waiting period and add it to their local whitelist.  This will allow for the program/file to be accessible immediately to that specific user.
  2. Unknown files automatically get sent to the PC Matic malware research team — even if the user adds it to their local whitelist.  Within 24 hours, the unknown program/file is tested and deemed either safe or malicious.  If safe, it will be added to PC Matic’s global whitelist.  This means, any PC Matic user who attempts to open that same program/file will be allowed to do so, as it has been deemed safe.

(Visited 876 times, 1 visits today)

6 thoughts on “The Application Whitelist — Why it Matters When it Comes to Modern Threats

  1. I’m still trying to figure out if PC Matic is the only program I need to give me full protection ie. Antivirus, Malware etc. or should I be running anything else to keep my system completely safe. Firewalls etc. currently I have PC Matic and System Mechanic running and that’s it. Everything else is off. Am I good or not? Should I even have System Mechanic on my system.

    • PC Matic is a full anti-virus protection. This means, everything you attempt to run on your computer is scanned for security — if it is a known safe program it is going to execute. If it is unknown it will be tested. Whether you run additional security measures is entirely up to you. Some of our customers choose to do so as an added layer of protection. Some choose not to. Is it necessary — no. But some prefer it. I hope that clears it up for you. If not, reach out again!

  2. I’ve been really happy with the way PC Matic has taken care of my system for three years, but am at a loss of how the white list works. Do I set up the listing of computer applications I use or does PC Matic use the current listing of applications on my system as reference??

    I’ll take all the info I can about how this works.

    Cliff Golden

    • Hi Cliff – We’re happy to explain our whitelist. First, it’s a globally automated list. Meaning you don’t have to do anything, other than ensure the shield icon in your task bar (by your clock — bottom right hand corner of your screen) is green. PC Matic has been using the whitelist approach since 2009. That means for the last eight years, we have researching known good files and adding them to our global list. So, if you tried to execute a program or file that is safe, it will be on our whitelist and PC Matic will allow it to execute. If you try to run a file that we haven’t tested yet, our malware research team will test it prior to you executing it to ensure its safe. If you decide you do not want to wait, up to 24 hours, for our team to research it, you can bypass our global whitelist and make the program/file available immediately. Unless you have used the program before, and know it is secure, we do not advise anyone to bypass the whitelist.

      What is most important to understand is once a program is on the whitelist, if any changes are made to it — it is retested. This is to avoid malicious attacks. For example, Adobe Flash is a known good program. However, it is also known to be infected with malware, on occasion, because of the lack of proper updates done to that software. If Flash becomes infected, the coding is no longer the same. Our whitelist detects that and will retest it before it is allowed to execute again. I hope this makes sense. If you have any more questions, please let us know!

  3. How does one know when PC Matic is updated? Or constantly checking your P C ! Only when you run the program ?
    Thank You
    Willim Mauer

    • You will know PC Matic is running by ensuring the green shield icon is present in your task bar located by your clock. You will also receive emails, unless you have opted out, of your scan results each time your PC is scanned. If you have further questions, please do not hesitate to reach out to our support team at http://www.pcmatic.com/help.

      Thank you.

Leave a Reply

Your email address will not be published. Required fields are marked *