Security Management Strategies for the CIOAccess "Application whitelisting: an extra layer of malware defense"
This article is part of the April 2011 issue of Successful cloud migrations require careful planning
Application whitelisting makes too much pragmatic sense to not have appeal as an antimalware mechanism. Intuitively, a technology operating in the kernel that detects suspicious changes in an IT-controlled software configuration should be easier to scale than a technology that looks at all files to identify and clean attacks. Application whitelisting (AWL) came onto the security scene several years ago with an active approach to combat the success of malware infiltrating endpoints. Signature matching antivirus hasn't been able to keep pace with the volume of new attacks. Although antivirus scans are meant to detect attacks against its blacklist of malware signatures, attacks continue to sneak through, undetected by security software. In contrast, AWL validates the program the user requests to run is on the IT-approved software list and analyzes the integrity of the program before making an allow or block decision. The whitelist approach of approved applications and programs is a valuable, manageable and effective layer of defense that can complement the ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Application whitelisting: an extra layer of malware defense
by Eric Ogren, Contributor
Application whitelisting was hyped as an antivirus killer. Its real role is serving as an added weapon in the battle against malware.
-
Key steps for security incident response planning
by Ravila Helen White, Contributor
Security incidents are going to happen. Don't get caught flat footed.
-
Application whitelisting: an extra layer of malware defense
by Eric Ogren, Contributor
-
-
Antivirus vendors go beyond signature-based antivirus
by Robert Westervelt
Security vendors are adding new capabilities into their products to keep up with the surge in malware.
-
Cloud migration requires network retooling
by David Newman
Learn what is required for cloud migration, including retooling of network design and security controls such as encryption and DLP.
-
Antivirus vendors go beyond signature-based antivirus
by Robert Westervelt
-
Columns
-
An Internet kill switch bill wouldn't ensure security
by Paul Rohmeyer
Giving the president power to shut down the Internet would have devastating consequences.
-
Information security professionals can't waste this opportunity
by Michael S. Mimoso, Editorial Director
Grab your newfound visibility by the horns and figure out how to bring oversight and direction to cybersecurity.
-
Marcus Ranum and Gary McGraw talk about software security issues
by Marcus J. Ranum, Contributor
Marcus Ranum and Gary McGraw discuss software security issues in this new bimonthly feature where Marcus Ranum goes one on one with a fellow security industry insider.
-
An Internet kill switch bill wouldn't ensure security
by Paul Rohmeyer
More Premium Content Accessible For Free
Compliance and risk modeling
E-Zine
You can fight compliance or embrace it, but one way or the other, you can’t escape it. Increasingly, smart organizations are not just accepting ...
Essentials: Threat detection
E-Zine
Antivirus and intrusion prevention aren’t the threat detection stalwarts they used to be. With mobile endpoints and new attack dynamics, enterprises ...
Managing identities in hybrid worlds
E-Zine
The world in which successful IAM programs must be implemented is increasingly complex, a mix of legacy on-premise IAM infrastructures, cloud-based ...