• 14
    Dec
    Coexistence
    by Mike Rothman Comments

    In my last post here, I talked about some of the perceptions of whitelisting, what's a justified criticism, and what isn't. Yet, regardless of the use cases you're interested in for application whitelisting, you've got to factor in the reality of your existing endpoint security strategy and work whitelisting in appropriately.

    [more...]
    share
  • 8
    Dec
    Can Apple Successfully Implement Whitelisting?
    by Larry Seltzer Comments

    The mobile smart phone networks are probably the largest real-world practitioners of whitelisting for now.  Apple has been particularly aggressive in imposing their whitelisting scheme on the iPhone and iPad, just as their users have been aggressive in resisting it.

    [more...]
    share
  • 22
    Nov
    Intelligent Whitelisting is New: We Want to Hear From You
    by Pat Clawson Comments

    I’ve spent a good portion of my career in the security market and when I run across market confusion, it’s hard to ignore. Clearly, this is the case with application control/whitelisting – a hotly debated topic for the last 10 years. Many of us have varying points of view, which is exactly why we developed this site. 

    Changing IT security landscape

    [more...]
    share
  • 19
    Nov
    Negative Perceptions of Application Whitelisting? What Negative Perceptions?
    by Mike Rothman Comments

    Whenever I mention Application Whitelisting (AWL) to end users, I tend to get a similar reaction - usually some form of their eyes rolling up into their heads. Yet upon further questioning, it's clear that most customers out there have deep-seeded perceptions toward the technology and they are usually not positive. Their issues usually center on a few areas:

    [more...]
    share
  • 18
    Nov
    Leaving Malware All Dressed Up and Nowhere to Go
    by Paul Henry Comments

    According to the vulnerability statistics from CERT in 1990, we averaged fewer than 25 unique instances of malware per month at that time. With that low run rate of vulnerabilities, security companies could easily keep up creating defensive signatures for signature based Anti Virus (AV) to defend network environments. Today, as we approach 2011, we are seeing more than 1,500,000 individual instances of malware every month.  Do the math – the growth rate is nearly incomprehensible.

    [more...]
    share
  • 16
    Nov
    Certificates and the Stuxnet Attacks
    by Larry Seltzer Comments

    You may have heard of the Stuxnet worm, a famous malware attack that seems to have mainly targeted SCADA (Supervisory Control And Data Acquisition) computers in certain facilities in Iran, especially nuclear facilities. Stuxnet has been gaining a sneaking admiration among security analysts as perhaps the most sophisticated attack ever.

    [more...]
    share
  • 15
    Nov
    What do the recent dramatic changes in the security industry signal about the future of endpoint protection?
    by Toney Jennings Comments

    Whether we like it or not, endpoint security is undergoing the beginning of a big shift. Recent consolidation signals the beginning of a transition in the way we provide endpoint protection and the role traditional blacklist antivirus plays to that end. Endpoint protection, instead of relying on an after-the-fact technology that defeats threats by having seen them and distributing signatures, is moving toward a foundation of application whitelisting for prevention and application intelligence with blacklisting playing an auditing and cleaning role.

    [more...]
    share
  • 14
    Nov
    Defending Against Stuxnet
    by Richard Stiennon Comments

    When the history of malware is written, Stuxnet will have a special place.  Carefully crafted malware that targets particular systems has long been the material of cyber thrillers and perhaps hysterical allegations. A few of my favorites: CIA blown pipeline in Russia that caused economic disruption that led to the demise of the Soviet Union and the US military-infected printers in Saddam Hussein's Iraq that were poised to take down their networks.

    [more...]
    share
  • 14
    Nov
    Why Change is Needed
    by Eric Ogren Comments

    Whitelisting has intrigued me for some time, starting several years ago while I was at Yankee Group advising a small company with a positive security model. That company was named SecureWave, since acquired by Lumension, and the technology has evolved to provide a nice complement to traditional anti-virus products. It was a much simpler approach to what we wanted to achieve with host intrusion prevention while I was at Okena. 

    [more...]
    share

You Need a New Approach

Current approaches to protecting endpoints from malware are ineffective and that is costing your organization money. Adding application whitelisting to your arsenal will help you regain control, improve security, and reduce costs. But how?

Join this panel of security experts for intelligent conversation about making application whitelisting work for you.

IT Security on Twitter

Receive the Newsletter

Contribute

Are you a security expert? Suggest a topic or inquire about blogging for this forum. 

Email us at contribute@intelligentwhitelisting.com

2010 All Rights Reserved
Brought to you by Lumension
Privacy Policy