Airlock Digital v7.0: More Control. Faster Decision Making.

Improved visibility, simplified policy work, and reduced administrative exposure

Application Control remains one of the most effective security strategies available to the enterprise: define what is trusted and prevent unauthorized execution. The challenge has always been making Application Control faster to deploy, easier to maintain, and simpler to scale.

Version 7.0 helps security and IT teams answer the operational questions that matter: what is running, what should be trusted, what requires elevated access, and why an enforcement decision occurred.

With v7.0, Airlock Digital introduces:

• Application Context for application-level visibility derived from real execution activity
• Trust Builder to accelerate policy creation with guided trust recommendations
• Elevation Control to apply elevated privileges to approved applications and processes without broadly elevating users
• Contextual Repository and enhanced Policy Tester to explain policy outcomes faster
• Policy-Scoped Access Control for stronger delegated administration across policies and rule types
• In-app notifications to surface important product communications directly in the console
  
  

New in Airlock Digital v7.0

See What Is Actually Running with Application Context

Airlock Digital continues to enforce trust at the file level. That is what makes Application Control effective against malware, ransomware, and unauthorized execution.

But files are not always how teams think about software. Applications include executables, libraries, publishers, dependencies, and related processes. The introduction of  Application Context makes that activity easier to understand.

Application Context turns observed execution activity into recognizable application views, helping administrators understand what is running, where it has been seen, and how related files and runtime relationships connect to trust and policy decisions.

With this release:

• Applications are built from observed execution activity
• Teams can see related files, publishers, dependencies, and runtime relationships
• Administrators can view where applications have been observed
• Applications can be categorized, including AI tools, document tools, media software, remote access tools, and other software types
• Visibility is derived from customer environment activity, not static inventories, installation data, or external lookup databases

This context helps teams answer practical questions about what applications are running and where as well as what files and publishers are associated with them. These insights help users assess if the action is expected software, unmanaged software, internally developed software, or something that needs investigation.

For current customers, Application Context adds an execution-aware intelligence layer above Airlock Digital's file-level enforcement foundation. Teams can better understand application activity while Airlock Digital continues to evaluate and enforce trust through file, publisher, path, and metadata-based policy controls.

Get to Enforcement Faster with Trust Builder

One of the biggest challenges with allowlisting is the work required to move from audit to enforcement. Teams need to review execution activity, understand what should be trusted, and build policies that reflect the software actually used in their environment.

This release introduces Trust Builder to reduce repetitive policy work while keeping administrators in control of trust decisions.

With this release:

• Trust Builder analyzes execution activity within the customer’s environment, identifying recurring patterns across publishers, paths, and process relationships
• Administrators receive guided trust recommendations based on observed behavior and configurable criteria
• Built-in guardrails help filter out potentially unsafe recommendations, such as those involving temporary paths, user-writable locations, or shell processes
• Trust Builder can run on a configurable schedule
• Customer policy decisions remain local, transparent, and administrator controlled

Trust Builder helps teams reduce manual policy-building effort and shorten the path from audit to enforcement. It does not replace administrator judgment. It is closer to cruise control than self-driving: it accelerates repetitive policy creation and maintenance while keeping trust decisions visible and under customer control.

Elevate Applications, Not Users

Version 7.0 introduces Elevation Control to help organizations reduce administrative exposure without breaking approved user workflows.

Many organizations grant local administrator rights because users need to run one or two specific tools. The problem is that the user receives broad administrative access, often far beyond what is required.

Elevation Control changes that model by applying administrative-equivalent privileges to approved applications and processes, not broadly elevating users or sessions.

With this release:

• Approved applications and processes can run with elevated privileges
• Users can remain standard users
• Elevation can be controlled through policy-defined conditions
• Teams can use criteria such as publisher, file path, process relationships, and user context
• Elevation is enabled through Allowlist Metadata Rules with Elevate process upon match
• Elevation Control is supported across Windows, Linux, and macOS

This helps organizations limit administrative exposure to the smallest practical scope. Instead of giving a user broad admin rights because one application requires them, the approved application receives the privileges it needs when policy conditions are met.

Elevation Control is not a replacement for a full Privileged Access Management platform. It does not provide credential vaulting, privileged account discovery, session brokering, credential rotation, or session recording. Instead, it addresses common application-level elevation needs within the application control framework customers already use.

Troubleshoot Faster with Contextual Repository and Policy Tester

The latest version improves troubleshooting and policy validation by connecting execution activity more directly to policy outcomes.

With Contextual Repository, Airlock Digital brings execution context into the repository experience. Administrators can see more detail about how a file ran, including the related execution activity used to evaluate outcomes. Enhanced Policy Tester capabilities use that context to evaluate selected file executions against policy groups and show whether the result would be allowed, blocked, or audited.

With this release:

• Teams can understand why a file was allowed, blocked, or audited
• Policy Tester can evaluate allowlist and blocklist metadata rules against real execution activity showing administrators which rules matched
• Policy outcomes can be tested directly in the console so teams can validate policy changes with greater confidence before rollout

For existing customers, this is a practical improvement to day-to-day administration. When something unexpected happens, teams can move from event to explanation faster, with less manual investigation.

Strengthen Delegated Administration with Policy-Scoped Access Control

Version 7.0 improves Policy-Scoped Access Control for customers managing larger or more complex environments.

In previous versions, teams could restrict visibility to policy groups, but associated rule types could still be visible more broadly. That model has been improved by enforcing access across the policy and its related rule types.

With this release:

• If a user does not have access to a policy, they also lose access to its associated allowlists, blocklists, and categories
• Different teams can manage different policies within the same console
• Organizations can support clearer separation between teams, departments, or operational groups
• Policy changes are less likely to affect areas outside a team’s responsibility

This gives enterprise customers stronger governance and cleaner delegated administration without needing separate consoles.

A Stronger Application Control Foundation

All aspects of this release help organizations make Application Control more practical to deploy, manage, and scale.

Application Context gives teams a clearer view of what software is actually running. Trust Builder helps accelerate the move from audit to enforcement through guided trust recommendations. Elevation Control reduces administrative exposure by elevating approved applications and processes instead of users. Contextual Repository and enhanced Policy Tester capabilities make enforcement decisions easier to understand. Policy-Scoped Access Control gives larger organizations cleaner separation of management responsibilities.

The security model remains consistent: Airlock Digital continues to evaluate and enforce trust at the file level. What Version 7.0 adds is a stronger execution-aware operational layer above that foundation, helping teams see, decide, and act with less manual effort.

Together, these improvements help organizations improve security outcomes, reduce operational overhead, and scale application control more confidently.

To learn more about how Airlock Digital helps protect endpoints from ransomware, malware, and unauthorized execution, contact us here. Current customers can visit the Customer Portal for upgrade info and additional resources.