Patrick,
Congratulations to you and your entire team on being named the top provider in InfoWorld’s inaugural application whitelisting product review, just edging out second place finisher, CoreTrace. Roger Grimes did an excellent job of assessing each of the solutions. While we honestly believe that our BOUNCER solution is the better product (as you would expect), we wanted to congratulate you on your win this round.
We are very excited that the application whitelisting market is coming of age, and that all of the benefits are becoming well known and documented. Reviews like this one, combined with increasing customer adoption and Microsoft’s big push of AppLocker, are all clear evidence of this sea change.
Roger’s review reflects what we both know and are experiencing in competitive deals everyday: it is quickly becoming a two horse race between our two companies. This review is further evidence that any company considering Bit9 should look at CoreTrace, and vice versa.
We are looking forward to jointly growing the application whitelisting market with Bit9, and to competing aggressively with you going forward.
Congratulations again and good luck in the future,
Toney
October 2009 has come and gone and brought many new security stories with it. Trojan horses, botnets, and phishing remain hot topics, but October was dominated by Microsoft when it comes to endpoint security.
- Windows 7 Security is Front and Center – On October 22nd Microsoft Windows 7 officially went on sale and much of the news is concerning it’s improved security. eWeek highlighted the new Windows 7 security features in a recent article. Among the changes highlighted is the new AppLocker capability. I will be writing much more about this feature in the coming weeks, but for this post suffice it to say that they have the right idea with extremely poor execution. AppLocker brings application whitelisting to Windows 7 with some glaring omissions. The first problem, of course, is it only works on Windows 7, and even then only on enterprise editions. Another key problem is the lack of central administration which is the key to successful migration to application whitelisting. As I said, I will be spending much more on this topic in the coming weeks. Continue reading this post…
In a major step forward for application whitelisting as an important control to meet compliance guidelines, the PCI Security Standards Council has put out the following guideline adjustment regarding the addressing malware.
“The Council is looking for equivalent controls that address malware and all types of threats referenced in Requirement 5, which are often found in traditional anti-virus solutions. If another type of solution (application whitelisting, for example) addresses the identical threats with a different methodology than a signature-based approach, it may still be acceptable to meet the requirement.” Continue reading this post…
Traditional endpoint security based on patching and after the fact antivirus blacklisting is drawing to a conclusion of its useful life. It’s a topic that has been in the news much of 2009 and has comprised the topic of many of my own posts. For a sampling of this topic check out any of the following posts:
That, however, is not the topic of today’s post. Today I want to talk about application whitelisting as a compliment to, or alternative for, antivirus and the importance of managing additions and updates to legitimate applications – with the least amount of operational friction. Continue reading this post…
Please join Paul Roberts, senior analyst of enterprise security at The 451 Group, for a completely new look at Application Whitelisting in his webinar entitled “What Are The Real Benefits of Application Whitelisting: Security, Operations, Compliance?”
The webinar, sponsored by CoreTrace, will be held on October 27th at 2:00 p.m. EDT/11:00 a.m. PDT. Continue reading this post…