The Intelligent Whitelisting website includes a forum that will provide an area for the security community to debate the pros and cons of intelligent whitelisting as a means to prevent malicious attacks.
According to the website, whitelisting “prevents any program file/executable form running unless explicitly permitted in the whitelist. By creating a whitelist of known good applications, everything else – malware, unwanted applications, unknown programs, etc. – is blocked until authorized to run.”
The forum is run by a panel of information security experts that include Rich Mogull and Mike Rothman, Securosis analysts and bloggers; Richard Stiennon, IT-Harvest analyst and blogger; Larry Seltzer, contributing editor of PC Magazine and author of Security Watch blog; Eric Ogren, founder of the Ogren Group; Paul Henry, forensic analyst at Lumension; and Toney Jennings, CEO of CoreTrace.
Topics to be explored in the forum include whitelisting’s ability to guard against attacks like Stuxnet and Zeus, how it protects dynamic end points in a way that does not overburden IT staff or impede employee productivity, and how technological advances enable it to integrate with other tools such as anti-virus and patch management.
Commented panelist member Seltzer: “Application whitelists can’t be overwhelmed by attack volume, as anti-malware products often are. It’s time to work towards moving application whitelisting into the mainstream of enterprise security and I hope we can help to do that.”
Added fellow panelist Henry: “In an age of obsolete signature-based anti-virus and ever-increasing zero-day threats, whitelisting stands out as the clear choice for building a solid defense against current threats.”