Comments on: Whitelisting applications versus Anti-virus

By: Kraig Godden

Kraig Godden — Tue, 07 Sep 2010 08:55:11 +0000

Guys great article, its always that hard question to answer and one that i am most interested in. I have been testing an environment at our training centres to use whitelisting, and to be honest i completely agree with argoran. I also have a friend that used to work for a very big software company that and get told the very same thing, so know I don’t trust them

By: Adam Vero

Adam Vero — Mon, 28 Jul 2008 22:11:08 +0000

Keith
I don’t know of any tools to control those in a whitelist type fashion, although I think some of the anti-spyware solutions allow you to specify exceptions to prevent false positives

If anyone does know of smart ways to manage these on an enterprise-wide basis then please post a comment to share these solutions (and please declare any interest if you are the software’s author, distributor etc).

By: Keith

Keith — Mon, 28 Jul 2008 21:20:09 +0000

Would whitelisting help with virus/apyware issues such as Internet Explorer BHO’s (browser helper objects)

By: argoran

argoran — Mon, 23 Jun 2008 13:05:35 +0000

very interesting; I agree that with larger organisations it starts to fail – the weak link which is ” people ” kicks in; I have been working in an org of around 30,000 + and used one of the well known whitelisting applications out there – however the problem isn’t with the application it’s with the sheer number of files per application, and I know for a fact that no one will ever ( unless in the case of a disaster ) look into every single file, which leaves the door wide open to malware and spyware that come bundled with vendor’s software.
The other issue is that we trust software vendors blindly when it comes to corporate software, it’s “unthinkable” that a vendor would “knowingly” put malicious code in their software as if the developers were saints – I as a developer know that that isn’t the case, infact one of my colleagues once told me that while he was working in a reputable software house, they were told not to fix all the bugs purposely so that they have another version to release and bug fixes ..i.e. money! if that isn’t malicious code then I don’t know what is – and with this problem whitelisting definitely fails.

By: steve

steve — Tue, 26 Feb 2008 20:04:58 +0000

Interesting… the whole issue for me with supporting a large number of users is that I believe you have to have a multi-layered approach to security. You could have the following layers:

Employee education
anti virus
white listing
etc.

The point is that there isnt one solution for the issue of malware.

By: Idetrorce

Idetrorce — Sat, 15 Dec 2007 13:14:02 +0000

very interesting, but I don’t agree with you
Idetrorce

By: Using anti-virus software to keep the elephants away « Getting IT Right

Using anti-virus software to keep the elephants away « Getting IT Right — Mon, 01 Oct 2007 07:34:40 +0000

[...] more, and this is certainly a moving target. However, I still don’t see businesses using whitelisting as a replacement for anti-virus, but as a useful complement in a managed [...]