Bit9

There are hundreds if not thousands of anti-malware researchers who are extremely hard at work trying to give us the best possible set of signatures, the best possible protection against the bad things that are trying to harm us. They are the so-called blacklisters. We need to thank them. We also need to explain that not all security products fix all security scenarios. New challenges are making the old processes obsolete. Advances in security breed advances in malware creation, hence the flood of incoming samples.

Application Whitelisting in the current form, on the other hand, does some things extremely well. It is the best solution to lock down an end point to an acceptable set of applications and their derivatives. It has always been a challenge to deal with automatic updaters, patches, services packs and the like that continually change your system's basic software image. Application Whitelisting can give the flexibility of forgetting about these challenges and focusing on a positive security model.

But lockdown is not for all end point or all end users. They may need to have a flexibility to experiment, go outside of the box and drill down into more exotic areas of the Internet. Even though, Application Whitelisting could help them with software reputation and software assurance that the system has not been compromised by unknown software applications, it is still very prudent to combine the benefits of a whitelisting solution with that of a typical anti-malware suites.