Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

What is Application Blacklisting?

Application Blacklisting prevents unwanted applications from running in your environment.

...

  • Known trusted applications in a whitelist
  • Potentially trusted applications in an orangelist (also known as a graylist)
  • Everything else in a blacklist 

Exception Blacklist

The exception policy approach is a good initial step when you begin monitoring your environment to determine what applications are actually exceptions. If you were to Automatically blacklist all .exe files it would break common functionality and bring your enterprise to a standstill.

 An exception blacklist will block any software that is not covered by existing whitelist or orangelist policies. Implement exception blacklisting only after much analysis, end user education, and policy refinement.

Warning

Implement exception blacklisting only after much analysis, end user education, and policy refinement.


You can add applications to a blacklist using some of the following criteria:

  • Application attributes
  • File hash
  • Location
  • Untrusted application

Whitelisting

Orangelisting