Editor's Corner
[caption id="attachment_1367" align="alignright" width="150" caption="Stu"]
[/caption]Wow, this is actually major security news. I found this on the blog from
Coretrace, and they said: "This week, McAfee, one of the two dominant
forces in reactive, blacklist-based endpoint security, actively and
unequivocally endorsed Application Whitelisting. Ironically, in hard
coverage of Symantecs recent problems with pcAnywhere, the industry is
actively recommending application whitelisting too." Here is the link:
http://www.coretraceblogs.com/2012-01/security-earthquake-that-nobody-felt-mcafee-endorses-application-whitelisting/
So, what is the big news? It turns security on its head. Instead of
keeping bad code out, with application whitelisting (also known as
Application Control) you only allow known-good code to run. That's
really a 180, and very, very interesting from a system admin perspective.
I have done some research in this area and have written a whitepaper
about whitelisting, and why as a system admin you should look into
this for the near future. This is a new security layer for your
'defense-in-depth'. You will hear more from me about whitelisting this year:
http://www.knowbe4.com/resources/the-endpoint-security-advantages-of-whitelisting-a-whitepaper-for-system-administrators/
