O'Reilly logo

Enterprise Security: A Data-Centric Approach to Securing the Enterprise by Aaron Woody

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Application whitelisting

A method to control what applications have permission to run on a system is application whitelisting. This method uses the logic that only what is permitted and trusted can run on the system; so if malicious software is installed on the system, it will not be able to execute. This model is closer to the trust model presented in Chapter 2, Security Architectures. Once trust is established for the applications on a system their behavior is either permitted or denied. This approach can be more effective than FIM, and with some solutions managing billions of hash baselines for trusted applications, false positives are rare.

Application whitelisting is a proactive approach to malware mitigation on end point systems such as ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required