According to The National Institute of Standards and Technology, using application whitelisting in high-risk environments is recommended where it is vitally important that individual systems be secure. To provide more flexibility, the institute suggests a whitelist may also index approved application components, such as software libraries, plug-ins, extensions and configuration files. The goal of whitelisting is to protect computers and networks from potentially harmful applications. Preventing the installation of unauthorized executables is necessary to ensure a secure work environment. Running a program such as Faronics Anti-Executable in Audit Mode can log all application launches in order to learn from user interactions and build a comprehensive whitelist of installed applications.
Anti-Executable software can automate whitelist creation for applications already installed on computers and effectively deploy software into active environments without requiring IT teams to re-image systems. Once verified by an IT administrator, a control list can be moved from Audit Mode, to Partial or Full Protection mode via a staged deployment option. This comprehensive control list can be used as a template and be applied to other systems to prevent other files from running without affecting day-to-day operations.
Audit Mode is the best way to analyze user behavior in order to prevent the installation of malicious software such as malware and other advanced persistent threats. All software activity can be easily reported, including which programs are causing the most violations and which computers have the highest number of security issues. IT administrators can allow or block the execution of applications on any computer and log all unauthorized application launches and software installation violations. Faronics Anti-Executable eliminates the reliance on critical blacklist updates and blocks any unknown treats which can bypass traditional antivirus solutions.