Can whitelisting help combat the malware epidemic?
Malware on the Internet is a bad situation and any good news on that front is welcome. So it is encouraging to see that security expert Roger Grimes says that whitelisting may be an effective defense. Writing at InfoWorld, Grimes reviews five whitelisting applications and says that whitelisting may be the new best defense against modern malware. He begins his reviews:
Whitelisting security has always taken a backseat to blacklisting approaches. After all, when there is far more good software running on computers and networks than bad software, it’s just easier to block the bad than to approve all the good. But that was then, and this is now.
In 2009, the computer security defense world quietly marked a momentous threshold that should have us all looking anew at the value of whitelisting. Last year, the number of unique malicious programs and variants that were created outstripped all the legitimate software published in the world, straining the accuracy of anti-virus solutions like never before. It’s a disturbing fact that suggests whitelisting is now more suitable as a primary security defense than traditional anti-virus scanners, which are really nothing more than blacklisting programs.
Now for some good news: Just as whitelisting may be finding a receptive audience, a number of whitelisting solutions are proving to be mature, capable, and manageable enough to provide significant protection while still giving trustworthy users room to breathe. Nor are today’s whitelisting programs limited to locking down desktops to prevent malware executions — they’re also useful for software configuration and licensing compliance and regulatory auditing.
Grimes particularly likes Bit9 Parity Suite. At the moment, whitelisting suites are aimed at businesses and large users but whitelisting might soon be part of the home PC anti-malware arsenal. In fact, Windows 7 Enterprise and Ultimate have a limited type of whitelisting called AppLocker. Perhaps Microsoft will see the light and make something for the home version or perhaps one of the security vendors will.
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
No comments yet.
Sorry, the comment form is closed at this time.