Businesses and home users have traditionally relied on antivirus to help protect their computers from malware. Antivirus software typically works by comparing files on a system against a list of known threats stored on virus definition files.
This approach is known as “blacklisting”. Most antivirus also add behavior based detection for unknown malware.
An application “whitelisting” solution, on the other hand adopts the direct opposite approach. It allows files that are explicitly allowed by the system administrators and deny everything else. The immediate benefit is that there’s no dependency on virus definition files to protect a system from ‘any’ executable file-triggered malware, ransomware, known or unknown!
Despite appearing more prohibitive and unsuitable for workstations and servers, whitelisting approach is perfect for static environments and systems that perform a very specific set of functions such as point-of-sale terminals, ATMs, e-ticketing vending machines and various self-service terminals.
e-Lock’s WebALARM Embedded is an application whitelisting solution, purpose-built to help lock down and ensure system integrity of these increasingly attractive attack targets.
