Entries by admin

Airlock Digital announces plans for growth, expansion with investment from CyberCX

Adelaide, 28 June 2022 Airlock Digital, a world-leading solution for application allowlisting, has today announced plans for further growth and expansion following an investment from CyberCX, Australia and New Zealand’s largest cyber security services firm. Founded in Adelaide in 2014, Airlock has become the preferred allowlisting solution for a growing number of enterprise organisations and […]

Preventing Ransomware and Zero Days Using an Overlooked Basic Security Control

Continued successful exploitation of the software supply chain As the world continues to assess the scope of the biggest global ransomware attack on record – with the REvil/Sodinokibi group claiming to have infected over one million systems, outpacing even WannaCry from 2017, it is becoming clear that ransomware continues to be a successful business model […]

Opinion: Why the Information Security Manual (ISM) Control ‘1471’ isn’t practical for allowlisting at scale

TLDR; Take a look at the tables containing Product Names for Adobe Acrobat DC in this article, the variations in product names are staggering. Overview At Airlock Digital, we often hear from new and existing Australian customers regarding the Australian Government Information Security Manual (ISM) control 1471. In particular, customers ask how they can achieve […]

Some Context, Process Herpaderping

Recently some great research has been published by Johnny Shaw outlining a method to start processes in Microsoft Windows in a manner similar to process hollowing. They have coined this term “Process Herpaderping” and there is a great detailed technical write up here – https://jxy-s.github.io/herpaderping/. Essentially, an attacker who has the capability to execute arbitrary […]

Airlock interview on RiskyBusiness Podcast #573

This week Airlock Digital whitelisting was featured on the Risky Business podcast with Airlock Co-Founder, David Cottingham. They make whitelisting software that’s actually useable. And until I did this interview I didn’t know that their agent actually does host hardening as well, which is pretty cool. Since we last spoke they’ve also popped up in […]

Airlock V2 released with ReversingLabs integration

Airlock Digital, headquartered in Adelaide, South Australia, today announced that its application whitelisting solution now includes integrated file reputational lookups to streamline administration and allow non-cyber security specialists to easily assess the threat level of unknown files. The Airlock solution is specifically built around the Australian Signals Directorate’s (ASD) controls for application whitelisting, the number […]

Trust, in file based security

Trust, it’s a fundamental concept in cybersecurity and plays a vital role in the decisions we make, particularly if a risk based approach is taken to decision making. However, we don’t often think about how the concept of trust influences our decisions. This blog post will explore what role trust plays, in file based security. […]

Airlock releases free document to test chained trust in EDR and Application Whitelisting solutions

Today Airlock Digital is releasing a free Microsoft Word document to test ‘Chained Trust’ in EDR and Application Whitelisting solutions. is where a product will trust a parent process (such as winword.exe) and automatically place trust in any spawned child processes. Security products that are configured to use ‘Chained Trust’ may provide a reduced level […]

Proactively Detect and Prevent Petya Ransomware

The Petya ransomware outbreak represents an evolution in the sophistication of ransomware. Employing a number of different strategies for distribution and infection the Petya ransomware has impacted small and large organisations across the globe. This outbreak is another reminder that signature based detection is not effective in todays threat landscape. In this video you will […]