Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Infosecurity Europe 2011: Lumension develops intelligent application whitelisting technology

Speaking with Infosecurity, Bentley said that Intelligent Whitelisting, as the firm calls the new technology, is a fully integrated endpoint security system based on the Lumension Endpoint Management Security Suite (LEMSS).

"This has been in development since the start of last year", he said, adding that very few vendors offer patch security and anti-virus as an integrated offering. And, he says, even fewer provide patch security and application control on an integrated basis.

The Intelligent Whitelisting platform, he explained, offers all three facilities as a integrated offering for corporates and, he says, the technology has been in active use – and well received – at a major client with around 120,000 users.

"When you have an IT system as large as that, the reality is that something is going to change on users' desktops, somewhere on the network, at some point throughout the day. Dealing with those changes on the traditional IT security front is an almost impossible task. And that's where Intelligent Whitelisting comes in", he said.

The IW platform, he says, is based on a reputational technology that Lumension has developed. And, he adds, it protects the users on the corporate network on several fronts.

"The reality is that anti-virus will never protect you from true zero-day threats. You then start to ask yourself – 'how big is the hole in my fishing net?' – and the answer is quite large, until you approach the security from a software whitelisting perspective", he said.

So how does IW work?

The software allows the IT department to deploy an application whitelist policy in an audit only mode and log all execution attempts within the whitelisted environment.

According to Lumension, policy definition has also been made easier with a local snapshot capability that captures all existing applications on endpoints and enables the IT department to quickly define unique whitelist policy baselines in highly variable environments.

Pat Clawson, the firm's CEO, says that, at the end of the day, it isn't really about blacklists versus whitelists.

"It's more about addressing the risk in the grey area of unknown applications which are exponentially growing and enabling a larger target area for malware to exploit", he explained.

To reduce this risk and the costs that go with it, Clawson argues that the IT department must regain control over their application and endpoint environments – and do so in such a way that doesn't impact end user productivity.

"Until now, that type of IT security solution wasn't available, but with the Intelligent Whitelisting, organisations can improve endpoint management and security while also reducing the operational headaches associated with traditional standalone products", he said.

What’s Hot on Infosecurity Magazine?