Essential Guide

Secure Web gateways, from evaluation to sealed deal

A comprehensive collection of articles, videos and more, hand-picked by our editors

application whitelisting

Application whitelisting is a computer administration practice used to prevent unauthorized programs from running. The purpose is primarily to protect computers and networks from harmful applications, and, to a lesser extent, to prevent unnecessary demand for resources.

The whitelist is a simple list of applications that have been granted permission by the user or an administrator. When an application tries to execute, it is automatically checked against the list and, if found, allowed to run. An integrity check, such as hashing, is generally added to ensure that the application is in fact the authorized program and not a malicious or otherwise inappropriate one with the same name.
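The check described above, sketched in Python as an added example (not code from the original article or from any product): it contrasts a name-only lookup with a lookup that also verifies a SHA-256 digest. The function names and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile


def sha256_of(path):
    """Return the SHA-256 hex digest of a file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_whitelist(paths):
    """Map each approved program's file name to its digest."""
    return {os.path.basename(p): sha256_of(p) for p in paths}


def allowed_by_name(path, whitelist):
    """Weak check: anything with a listed file name is allowed."""
    return os.path.basename(path) in whitelist


def allowed_by_hash(path, whitelist):
    """Listed name AND content matching the approved digest; default deny."""
    expected = whitelist.get(os.path.basename(path))
    return expected is not None and sha256_of(path) == expected


def write_file(directory, name, content):
    """Create a constructed sample file and return its path."""
    os.makedirs(directory, exist_ok=True)
    path = os.path.join(directory, name)
    with open(path, "wb") as f:
        f.write(content)
    return path


def demo():
    """Constructed sample files: approved, same-name impostor, unlisted."""
    with tempfile.TemporaryDirectory() as root:
        approved = write_file(os.path.join(root, "approved"), "report_tool", b"approved build 1.0")
        impostor = write_file(os.path.join(root, "downloads"), "report_tool", b"different content")
        unlisted = write_file(os.path.join(root, "downloads"), "other_tool", b"never approved")
        cases = [("approved", approved), ("impostor", impostor), ("unlisted", unlisted)]
        whitelist = build_whitelist([approved])
        return {label: (allowed_by_name(p, whitelist), allowed_by_hash(p, whitelist))
                for label, p in cases}


if __name__ == "__main__":
    for label, (by_name, by_hash) in demo().items():
        print(f"{label:9} name-only={by_name!s:5} name+hash={by_hash}")
```

The same-name file passes the name-only check but fails once its content is compared with the approved digest, and anything not on the list is denied by default.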

Blacklisting, the opposite approach to whitelisting, is the method used by most antivirus software, intrusion prevention/detection systems and spam filters. The blacklisting approach involves maintaining a list of undesirable applications and preventing them from running. However, the ever-increasing number and variety of threats means that a blacklist can never be comprehensive, and as a result its effectiveness is limited.

There is no consensus among security experts over which technique is better. Proponents of blacklisting argue that application whitelisting is too complex and difficult to manage. Compiling the initial whitelist, for example, requires detailed information about all users' tasks and all the applications they need to perform those tasks. Maintaining the list is also demanding because of the increasing complexity and interconnections of business processes and applications. On the other hand, proponents of whitelisting argue that it is better to put in the work to protect systems in the first place -- and save the resources required to deal with undesirable programs and the resulting problems that the blacklisting approach fails to prevent. 

 

See also: application security, Trojan horse, spyware, adware, drive-by download, pop-up download, barnacle, rootkit, malvertisement, clickjacking, scareware

This was first published in June 2011
