Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Intelligent Whitelisting: An Introduction to More Effective and Efficient Endpoint Security

Download Now

To download this white paper you’ll need an Infosecurity Magazine account. Log in or sign up for yours below.

Log In

Sign Up

Get up-to-the-minute news and opinions, plus access to a wide assortment of Information Security resources that will keep you current and informed.

This will be used to identify you if you take part in out online comments.
Your password should be at least six characters long. It is case sensitive. Passwords can only consist of alphanumeric characters or ~!@#$%^&*()_-+=?.

By registering you agree with our terms and conditions and privacy policy.

The volume and sophistication of malware is skyrocketing, and traditional anti-virus approaches are struggling to keep up. Historically, the approach to dealing with the growing quantity and complexity of malware has been to build a better anti-virus “mousetrap,” without any shift in the underlying management model for vetting change in endpoint environments. The result has been bloated anti-malware technology with ineffective protection and abysmal performance. This increases endpoint total cost of ownership due to increased strain on IT resources and reduced enduser productivity, which puts further pressure on already flat or reduced IT budgets.

It’s time to rethink how we protect our endpoints.

The typical security professional tends to look at endpoint control as a choice between black and white: the blacklisting signature-based anti-virus technologies that struggle with today’s threats or the
first-generation whitelisting technologies that tend to impede user productivity. Think again, though.

A new “intelligent” approach to application whitelisting uses both methods and adds an automated way to determine whether the stuff in between – the so-called graylist – should be trusted and allowed onto your network. Intelligent whitelisting provides a unified workflow that brings signature-based and behavioral detection together with the power of whitelisting capabilities, and adds a “trust engine” which controls what changes are allowed. This
streamlines and automates the process of adding trusted applications to the whitelist. Intelligent whitelisting automates important queries against applications such as “Do I know where this came from?” and “Are others using it?” by using data from other endpoint security applications such as patch management to dial in the level of control and security desired. Not only does it dramatically reduce malware infection rates without affecting productivity, it also allows you to reduce the TCO of maintaining endpoints.