This is the third post in a series addressing what we see as an inevitable, protection focused, transition to application whitelisting and how that should take place practically. The posts already up on our blog are:
- Intro – Here we provide an overview of what is driving this transition.
- Part 1 Protect – This post highlights the need for companies to consider immediately adding application whitelisting to protect their endpoints.
We think that the transition will take place in three logical steps. First, adding protection to existing systems. Second, purifying those systems of any remnants of malware over time. Finally, providing a strong change management process that will allow users to be productive and deal with the inevitable changes to approved applications while still ensuring the protection that application whitelisting affords.
This blog entry deals with cleaning of endpoints that have gone through the protection step of the process. Continue reading this post…
The question of whether or not application whitelisting has an important role in the future of endpoint security is officially over. It does. Not only that, it is clear that legacy blacklist antivirus has lost the ability to provide any protection to endpoints and instead is relegated to an after the fact role geared at detecting infections and cleaning them up. I highlighted many of these 
In the past couple of months, whitelisting has been in the news through multiple different avenues. We at CoreTrace feel that the raising awareness that blacklist-based antivirus simply can no longer protect PCs is passing a critical point—a point that is going to lead businesses and eventually consumers to a whitelisting model that can prevent infection, not just detect and clean up the infection after the fact. Here is a look at some key news around this area: