Whitelist Security Approach

  • Analytical Agency’s View

    Having forecast technological developments in the sphere of corporate IT security, the major analytical agencies have paid a lot of attention to the concept of Endpoint Protection Platforms (EPP) as well as Whitelist and Application Control technologies.

  • Dynamic Whitelisting

    Despite the seeming simplicity of the Whitelist Security Approach, its implementation is far from being an easy task. The software world is developing rapidly – numerous new programs and updates are released daily. In addition, hacker attacks and the placing of malware on legitimate websites are becoming more frequent - for instance, on file portals in the Internet.

  • Practical Application

    The aptly-named Whitelisting approach to security ensures effective protection of different user categories and helps to solve a number of problems that are relevant today.

  • Kaspersky Lab's Approach

    When working on creating an optimum solution combining new and conventional technologies, it is important to create, develop and integrate both methods into a single technology base from a single vendor company. This is exactly the approach that Kaspersky Lab’s experts have used.

  • Kaspersky Lab Presents Its Dynamic Whitelist

  • Whitelist Security Approach

  • Whitelisting Technology In Kaspersky Endpoint 8

Boosting anti-virus performance

An application which is on the global Whitelist does not require regular checking by the security program. This helps to save system resources and improve the application’s performance.

Whitelisting and Application Control features

Diagramm Default Deny mode Golden Images Inventory Trusted updaters Categorization Flexible rules Local and Global Whitelisting database

Default Deny mode

Traditional 'Default Allow' policy Allows All applications running on a user's workstation Except those defined as Restricted or Blocked. In opposite 'Default Deny' policy allows the Blockung Of All applications running on a user's workstation Except those defined as Allowed.

Golden Images

A Golden image is a template of the ideal installation, done according to best practices and tuned for the best possible performance. 'Golden Image' category include the list of most important software which is necessary to start operating systems.

Inventory

Before implementation of any security policies, the software inventory can be used to automatically collect comprehensive information about the applications used across the corporate network

Trusted updaters

Trusted updater category allows known applications to be updated by trusted vendors. Thus approved update system (such as a management application or patch management utility) can commit changes to the system.

Categorization

Flexible software categorization allows administrators to use a predefined list of categories from Kaspersky Lab, take them from the endpoint or create their own list. Own categorization rules work according to the parameters created by the administrator, e.g.: file name and version; application name and version; vendor (publisher) MD5 hash; defined folders.

Flexible rules

Implementation of Flexible rules allows administrator to use dozens of Kaspersky Lab rules or create his own depending on multiple available options such as file name, MD5, vendor, source folder, etc.

Local and Global Whitelisting database

Kaspersky Lab Global Whitelist database is always available in the cloud. Also administrator can create local Whitelist database which will be valid for his corporate network only.

Whitelisting Digest

  • Effectiveness of Kaspersky Lab’s Whitelisting Technology Confirmed in First Testing

    Kaspersky Lab announces that the results of the first testing of its whitelisting technology (a security system based on a database of clean and trusted software) have been published by West Coast Labs, the research laboratory that conducted the testing.

  • Lab Matters - Are we up to a brighter future?

    Many security technologies rely on blacklisting malicious or suspi- cious files or applications in order to prevent users from running them. But that approach can have its limitations, and theidea of whitelisting applications and safe files has taken hold recently.

  • Lab Matters - Are all white list solutions equally effective?

    Like many other security technologies, there a number of approaches for implementing applicaiton whitelisting. Each offers its own unique benefits, but they're not all equally effective. Few of the current technologies have undergone any independent testing and there isn't much objective information available of their effectiveness. In this video, Vladimir Zapolyansky discusses the need for independent testing and what makes Kasperksy Lab's offering different.

Whitelist Digest archive →

Whitelisting and Software Reputation Based Services

Kaspersky
Trusted

The Kaspersky Trusted security mark indicates that an application is Kaspersky Lab tested and certified malware and virus-free. Only solutions that pass our rigorous checks are awarded the Kaspersky Trusted logo.

Whitelist For Software Vendors

Users and software vendors both suffer when legitimate programs are wrongly flagged as malicious by antivirus applications. This is known as a false positive detection. The Kaspersky Lab Whitelist program provides the perfect solution to this problem.