Comments on: Two things antivirus companies do not want you to know about Application Whitelisting: It is not lockdown and it does include blacklists! http://www.coretraceblogs.com/2010-11/two-things-antivirus-companies-do-not-want-you-to-know-about-application-whitelisting-it-is-not-lockdown-and-it-does-include-blacklists/ The Application Whitelisting and Security Weblog Thu, 16 Feb 2012 16:40:03 +0000 http://wordpress.org/?v=2.9.1 hourly 1 By: Top Endpoint Security Stories for November 2010 — If malware is a top security concern, then why does it take so long to fix known vulnerabilities? http://www.coretraceblogs.com/2010-11/two-things-antivirus-companies-do-not-want-you-to-know-about-application-whitelisting-it-is-not-lockdown-and-it-does-include-blacklists/#comment-6197 Top Endpoint Security Stories for November 2010 — If malware is a top security concern, then why does it take so long to fix known vulnerabilities? Fri, 10 Dec 2010 21:10:29 +0000 http://www.coretraceblogs.com/?p=2347#comment-6197 [...] using leading application whitelisting solutions such as CoreTrace’s BOUNCER get the best of both worlds. BOUNCER uses whitelisting to prevent the execution of any malware [...] [...] using leading application whitelisting solutions such as CoreTrace’s BOUNCER get the best of both worlds. BOUNCER uses whitelisting to prevent the execution of any malware [...]

]]> By: Toney Jennings http://www.coretraceblogs.com/2010-11/two-things-antivirus-companies-do-not-want-you-to-know-about-application-whitelisting-it-is-not-lockdown-and-it-does-include-blacklists/#comment-5460 Toney Jennings Tue, 16 Nov 2010 14:52:00 +0000 http://www.coretraceblogs.com/?p=2347#comment-5460 Excellent question! Hope you don't mind, but this is directly from my recent "Top 7 Things You Need to Know About Application Whitelisting" brief (after all, why recreate the wheel each time!): <em>All good Application Whitelisting solutions stop vulnerability-leveraging payloads that are deposited to disk from executing, but leading solutions like BOUNCER are designed to help stop attacks inside legitimate, whitelisted applications by controlling the code running in memory. By preventing the execution of any process that is not launched by an approved application, BOUNCER stops attempts like DLL injections or attempts to write to kernel memory.</em> Excellent question! Hope you don’t mind, but this is directly from my recent “Top 7 Things You Need to Know About Application Whitelisting” brief (after all, why recreate the wheel each time!):

All good Application Whitelisting solutions stop vulnerability-leveraging payloads that are deposited to disk from executing, but leading solutions like BOUNCER are designed to help stop attacks inside legitimate, whitelisted applications by controlling the code running in memory. By preventing the execution of any process that is not launched by an approved application, BOUNCER stops attempts like DLL injections or attempts to write to kernel memory.

]]> By: BK http://www.coretraceblogs.com/2010-11/two-things-antivirus-companies-do-not-want-you-to-know-about-application-whitelisting-it-is-not-lockdown-and-it-does-include-blacklists/#comment-5459 BK Tue, 16 Nov 2010 14:44:59 +0000 http://www.coretraceblogs.com/?p=2347#comment-5459 What about malware that doesn't touch the disk and is strictly in memory? What about malware that doesn’t touch the disk and is strictly in memory?

]]>