How secure is your application allowlisting?

The Allowlist Auditor is a free utility developed by Airlock Digital designed to comprehensively audit application whitelists for weaknesses, regardless of vendor. It performs automated file load tests and identifies policy weaknesses that can be exploited by attackers.

The Allowlist Auditor includes a mode to audit both Microsoft AppLocker™ deployments and Windows Defender DeviceGuard™  / Application Control and displays complex policies and associated problems clearly.

You can view an example HTML report generated from the tool from an AppLocker™ deployment here. The utility is designed to be run as a standard (non-privileged) user.

Applocker Audit Tool
AppLocker Audit Untrusted File Test
Allowlisting Auditor

Get the Allowlisting Auditor today!

The auditor is a free utility developed designed to comprehensively test application allowlists for weaknesses and misconfigurations, regardless of vendor. It achieves this by performing automated file load tests and identifies areas on a system where untrusted code can successfully execute.

As security practitioners at heart, Airlock Digital understands the importance of ensuring auditability of not only the software that it produces, but also that of the wider endpoint security industry. It’s extremely important that practitioners implementing defensive security controls have:

  • An easy way to validate that their endpoint security is delivering the intended security outcome

  • A way to identify policy gaps which could be used by attackers to bypass
    security controls; and

  • Independent methods to demonstrate to auditors that their implementation is
    effective.

 

Current Version: V4.1
Release Date: 24/01/2023
File Size: 3.54 MB

File Hashes:
SHA256: c185979f41771489219e5f0b0231889f42f89ca2fc0689504e4bb487427bcb8c
Authentihash (Microsoft AppLocker): 5f6f0b4951466ebabd553832b97587fb99bb8e84e9b49150b7f8bf0b244adcc8

Dependency: Microsoft .NET Framework v4.0+
Feedback / Thoughts?: info@airlockdigital.com

Copyright (c) 2024, Airlock Digital Pty Ltd

AIRLOCK DIGITAL – APPLICATION WHITELIST AUDITOR IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

AppLocker(TM) is a Trademark of Microsoft Corporation