Application Control vs Application Whitelisting
Terms often used interchangeably that have a big impact on your security.
Application Control typically refers to ‘fuzzy’ application whitelisting technologies which place trust in software packages for the purposes of software management.
Application Whitelisting refers to ‘strict’ application whitelisting technologies which place trust in files for the purposes of security.
Application Control technologies may allow attackers to slip through the gaps. By treating software as ‘packages’ rather than individual files, the trusted software requires the ability to run any file of it’s choosing. This allows attackers to run malicious code if the application itself is compromised, which commonly occurs through social engineering attacks.
Application Whitelisting technologies uniquely identify every file and application library as a unique item, regardless of what software it belongs to. If any file is modified or tampered with, the file is prevented execution. This very effectively prevents attackers from running malicious code on a system and significantly increases the ability of organisations to identify attempts of compromise. Airlock enforces Application Whitelisting using cryptographic hash values, no large directory, publisher or parent process exemptions required.
TLDR; Application Whitelisting places trust in files not software packages, therefore providing a significant security benefit.
About Airlock Digital
Airlock Digital was founded in 2013 with one goal: Enable organisations to implement and maintain application whitelisting, simply and securely, in dynamic computing environments.
The founders of Airlock Digital have spent years implementing application whitelisting technologies in enterprise organisations and deeply understand real-world whitelisting challenges. Airlock Digital was born out of necessity to address these challenges, as a new approach to application whitelisting was needed.