Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42869
  • Total Topics: 16078
  • Online Today: 3170
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: Bit9: Fighting malware with a white list  (Read 2669 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Bit9: Fighting malware with a white list
« on: 02. May 2008., 16:03:47 »


In security in the real world, companies screen the people who enter their building and admit only those who are authorized to be there, such as employees with badges and approved guests--a sort of white list for physical security.

(Credit: Bit9)
But when it comes to distributing applications on their computer networks, corporations do the opposite and use blacklists that block some known malware but let everything else in. Because antivirus and other security software doesn't detect every malicious app out there, a lot of bad stuff ends up on employees' machines.


About 65 percent of the applications released to the public are malicious, according to Symantec. To combat that trend, Symantec CEO John Thompson predicted at the RSA 2008 conference last month that technologies like white listing would be critical in the future.

And Microsoft's David Cross, director of program management for Windows security, told the RSA crowd a few days later that there would be an increased emphasis in Vista on white listing.

This is good news for Bit9, a provider of software for enterprises that helps them prevent malware distributions on the network.

"In the next two to four years, every PC will have a white list," said Patrick Morley, Bit9 chief executive and president.

Bit9 allows companies to create their own white list of software they will allow employees to run. They can lock down the computers so they run only the approved applications, set the software to block and alert the company when unapproved software is being downloaded, or simply monitor the situation.

"It doesn't work to let everything in and then try to figure out if it's bad software," Morley said in an interview.

Skeptical, I pointed out that there are varied needs within corporations and managing all the different requirements for individual employees and departments is already an IT headache. True, Morley said: "You can't stop people from doing the day-to-day work. It's got to be done in a way that's easy."

I asked security sage and notorious cynic Bruce Schneier to weigh in. "Seems like a really good idea," he wrote in an e-mail. "The whole idea of 'allow anything except what's on this list' doesn't work. It doesn't work for spam. It doesn't work for network perimeters. And it doesn't work for desktops."

(Copyright by CNET Networks, Inc.)


What do you think?

Samker's Computer Forum - SCforum.info

Bit9: Fighting malware with a white list
« on: 02. May 2008., 16:03:47 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising