Application control

Application control is a security technology that recognizes only whitelisted or “good files” and blocks blacklisted or “bad files” passing through any endpoint in an enterprise network. It is useful for securing networks with BYOD (Bring Your Own Device) policies as it prevents potential damage from unwanted or unknown applications (executables, DLLs, Windows App store apps, device drivers, control panels, and other Portable Executable (PE) files).

Application control and other whitelisting technologies are vital in dealing with threats against single-purpose systems like PLCs (ICS/SCADA) and PoS. In these kinds of systems, the functions that need to be enabled are very limited and specific. Because of this, it is relatively easy to specify files that are allowed to pass through whitelisting filters.

Products with the application control feature can allow granular control for IT administrators. It can be used to limit application usage to a specific list of applications for specific users or endpoints. It not only blocks unwanted malicious downloads, it also protects against unauthorized malicious insiders who may try to download threats into the network.

Related Terms : Whitelisting, blacklist, PoS (point-of-sale) malware, SCADA

Related papers or primers : https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/bit-domain-deliver-malware-and-other-threats

Related infographics :
Links :
http://blog.trendmicro.com/trendlabs-security-intelligence/5-years-500-m-good-files-counting/

Products :