Whitelisting and change control for improving integrity

Written By:
Published:
Content Copyright © 2011 Bloor. All Rights Reserved.
Also posted on: Security Blog

Today’s security threats are complex and sophisticated and are getting ever harder to defend against. Attackers use multiple methods and vectors to try to bury deep into networks and are increasingly looking for longer term gain, rather than just a one-off theft. Traditional security controls that focus on previously seen attacks are no match for these complex, blended exploits.

Organisations deploy multiple security controls to defend their networks and these still have their place. However, there are newer technologies that have emerged recently that can improve their chances of defending against the insidious threats seen today – those of application control and change control.

Application control uses whitelisting to ensure that only authorised applications can be allowed to run and to prevent those with a malicious payload from executing. This is because if an application is not on the whitelist it can be automatically blocked. Change control technologies prevent vulnerabilities from being introduced into networks that can be exploited by controlling the configuration creep that occurs when changes are introduced into the network, whether intentional through patching or upgrades, or where misconfigurations have been introduced by mistake. Such controls can do much to ensure that the integrity of the network is kept as intact as possible.

Bloor Research has recently published a report that looks at the role played by these technologies in greater detail. The report can be accessed here upon registration: http://www.bloorresearch.com/research/white-paper/2099/taking-back-control-todays-complex-threat-landscape/