We are having a great week where we are seeing more evidence than ever for the value of application whitelisting in providing both endpoint protection and application control. Earlier this week we met with Gartner analyst Neil MacDonald and got his perspective on the future of application whitelisting. He had many good insights about the state of the industry and we particularly agreed with his perspective on the importance of “trusted change” to the success of any application whitelisting solution.
In our opinion there are only two things holding back application whitelisting.
- An easy adoption process that implements protection and does no harm.
The first goal of an application whitelisting solution should be to stop new threats without disrupting any existing applications. - A process for managing change.
Change management is critical to a successful application whitelisting application. Ultimately a new protective technology should be minimally visible by the end user and should be a net reduction to overall IT desktop management efforts.
At CoreTrace we are taking steps to address both of these issues and are advocating a rational approach to whitelisting that gradually and painlessly moves our customers to a more secure and easier to manage environment.
A second indication of momentum this week was McAfee’s continued promotion of application whitelisting and their recent acquisition of Solidcore. George Kurtz, a Senior VP at McAfee and personal colleague had this to say about his impression of the reception of application whitelisting:
“I have been traveling around the world the last two months, and the reception to this technology has been overwhelming. One bank I met with was keenly interested in protecting their ATMs and could not have DAT files pushed to each ATM because they had a whopping 8K of bandwidth. Yes – you read that correctly – 8K! Our Solidcore technology was a perfect fit for this application as well as many others – especially in a fixed function and constrained environment.”
We agree George, the reception to application whitelisting is tremendous, but think it goes way beyond fixed and constrained environments. Fundamentally, blacklist antivirus is no longer capable of providing the protection our desktops need against malicious code. Ultimately all important desktop assets need to look to a new model of security and application control that can prevent unauthorized applications from running.
The timing is right for anyone responsible for configuration management and security on PCs to look at application whitelisting as an evolution of desktop security and one with an important future.
[...] week I blogged about the general momentum around application whitelisting citing our meetings with Neil MacDonald from Gartner and a recent post from George Kurtz of [...]