Welcome!

Microservices Expo Authors: Liz McMillan, Elizabeth White, Gregor Petri, Yeshim Deniz, Olivier Huynh Van

Related Topics: Cloud Security, Industrial IoT, Microservices Expo, Agile Computing

Cloud Security: Article

Try App Whitelisting to Mitigate Malware

It’s the doorman of the software world

There will always be a threat from malware - malicious software that is designed to steal or corrupt data on computers. Malware affects everyone from security services to silver surfers, and when it isn't checked it can wreak havoc.

Ultimately, it doesn't matter what size your business is, whether you're a multinational or a sole trader, the threat from malware is real and present, which means that you'll need a solution. Usually this means anti-virus software, but keeping on top of updates and distributing these to all of the computers in your organization requires regular attention.

Can application whitelisting help? Is it even a valid alternative, or should your business stick to the tried and tested solution of anti-virus software and malware removal tools that detect and quarantine malicious software, keyloggers, rootkits and Trojans?

The Typical SME Approach to Anti-Virus and Malware
If you are responsible for managing online security in your organization or you're involved as a stakeholder or an engineer, you will appreciate that most businesses take a reactive approach to virus and malware threats.

If a virus or malware infects one or more computers, steps are taken to update the AV software (typically by downloading the latest virus signatures) and remove the infection. In most cases this is successful - anti-virus software is generally fit for this purpose. However, there may be cases when virus signatures have yet to be added, making it difficult for the anti-virus software to find and remove the infection.

When malware is uncovered and the anti-virus solution is unable to deal with it, as is the situation in most cases, the latest version of one of the popular anti-malware tools should be used.

You might find that running the removal process in Safe Mode works best. Although it typically takes over an hour for a single infected computer, you should eventually be able to diagnose the machine as safe to use. In extreme cases, it can take a few hours to rebuild the machine because remediation efforts fail.

It's all rather slow, though, isn't it? More to the point, it is reactive rather than proactive.

How Application Whitelisting Can Help
In the horrific circumstance that all of your computers have been infected with malware, you might be pulling your hair out trying to raise as many engineers as possible while making alternative arrangements for users affected by the problem.

Or, you could be carrying on with the expected day's work, safe in the knowledge that there is no outbreak; no malware has been installed and no data has been lost or stolen.

Unless you run a computer network that has no Internet connection and a "no disks" policy, the only way to fully protect your users from malware is to employ a solution that uses application whitelisting, a process that protects the software that controls the behavior of your computers. If the software is not on the whitelist, it won't run.

It's the doorman of the software world, in many ways. Basically, if your name's not down, you're not coming in.

Is Application Whitelisting the Solution or Part of the Equation?
As things stand, no single solution can exist as anti-virus software companies are busy keeping their applications up-to-date, with both virus signatures and tools to prevent the applications from being targeted by viruses. This means that it is unlikely at present that any AV or anti-malware developer will branch out into providing a complete application whitelisting solution.

Similarly, application whitelisting cannot claim to be the complete solution as it can't deal with the task of removing threats.

It is, therefore, the perfect companion to anti-malware applications. When correctly configured application whitelisting can protect individual computers, servers and entire networks from malware.

Be Proactive, Not Reactive
Whichever way you look at it, the reactive solution of anti-virus and malware removal tools is only a single item on your network security utility belt. It has been proven to work in quarantining the offending code but is largely useless in actually protecting computers from being infected in the first place.

This is why application whitelisting is vital as a proactive solution. Using both in tandem can leave you with an extremely secure network that is protected against malware and anti-virus however they might be introduced (targeted attacks, USB sticks, or malicious attachments to emails).

Whitelists are widely used in website blocking and spam email management. Employing an application whitelist to protect your computers from malicious code that tries to run or install is a logical step to take in the fight against malware.

More Stories By Paul Paget

Paul Paget is CEO of Savant Protection based in Hudson, NH. Savant Protection’s automated application whitelisting is being used by SMEs, including regional banks, credit unions and local governments to proactively stop malware and safeguard endpoints. You can contact Paul at [email protected]

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@MicroservicesExpo Stories
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
Apache Hadoop is a key technology for gaining business insights from your Big Data, but the penetration into enterprises is shockingly low. In fact, Apache Hadoop and Big Data proponents recognize that this technology has not yet achieved its game-changing business potential. In his session at 19th Cloud Expo, John Mertic, director of program management for ODPi at The Linux Foundation, will explain why this is, how we can work together as an open data community to increase adoption, and the i...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
About a year ago we tuned into “the need for speed” and how a concept like "serverless computing” was increasingly catering to this. We are now a year further and the term “serverless” is taking on unexpected proportions. With some even seeing it as the successor to cloud in general or at least as a successor to the clouds’ poorer cousin in terms of revenue, hype and adoption: PaaS. The question we need to ask is whether this constitutes an example of Hype Hopping: to effortlessly pivot to the ...
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lea...
24Notion is full-service global creative digital marketing, technology and lifestyle agency that combines strategic ideas with customized tactical execution. With a broad understand of the art of traditional marketing, new media, communications and social influence, 24Notion uniquely understands how to connect your brand strategy with the right consumer. 24Notion ranked #12 on Corporate Social Responsibility - Book of List.
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.
Large enterprises today are juggling an enormous variety of network equipment. Business users are asking for specific network throughput guarantees when it comes to their critical applications, legal departments require compliance with mandated regulatory frameworks, and operations are asked to do more with shrinking budgets. All these requirements do not easily align with existing network architectures; hence, network operators are continuously faced with a slew of granular parameter change req...
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
There is little doubt that Big Data solutions will have an increasing role in the Enterprise IT mainstream over time. Big Data at Cloud Expo - to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA - has announced its Call for Papers is open. Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is...
With the rise of Docker, Kubernetes, and other container technologies, the growth of microservices has skyrocketed among dev teams looking to innovate on a faster release cycle. This has enabled teams to finally realize their DevOps goals to ship and iterate quickly in a continuous delivery model. Why containers are growing in popularity is no surprise — they’re extremely easy to spin up or down, but come with an unforeseen issue. However, without the right foresight, DevOps and IT teams may lo...
SYS-CON Events announced today the Enterprise IoT Bootcamp, being held November 1-2, 2016, in conjunction with 19th Cloud Expo | @ThingsExpo at the Santa Clara Convention Center in Santa Clara, CA. Combined with real-world scenarios and use cases, the Enterprise IoT Bootcamp is not just based on presentations but with hands-on demos and detailed walkthroughs. We will introduce you to a variety of real world use cases prototyped using Arduino, Raspberry Pi, BeagleBone, Spark, and Intel Edison. Y...
Much of the value of DevOps comes from a (renewed) focus on measurement, sharing, and continuous feedback loops. In increasingly complex DevOps workflows and environments, and especially in larger, regulated, or more crystallized organizations, these core concepts become even more critical. In his session at @DevOpsSummit at 18th Cloud Expo, Andi Mann, Chief Technology Advocate at Splunk, showed how, by focusing on 'metrics that matter,' you can provide objective, transparent, and meaningful f...
Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS - software, platform, and infrastructure as a service.
Digitization is driving a fundamental change in society that is transforming the way businesses work with their customers, their supply chains and their people. Digital transformation leverages DevOps best practices, such as Agile Parallel Development, Continuous Delivery and Agile Operations to capitalize on opportunities and create competitive differentiation in the application economy. However, information security has been notably absent from the DevOps movement. Speed doesn’t have to negat...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform and how we integrate our thinking to solve complicated problems. In his session at 19th Cloud Expo, Craig Sproule, CEO of Metavine, will demonstrate how to move beyond today's coding paradigm ...
Your business relies on your applications and your employees to stay in business. Whether you develop apps or manage business critical apps that help fuel your business, what happens when users experience sluggish performance? You and all technical teams across the organization – application, network, operations, among others, as well as, those outside the organization, like ISPs and third-party providers – are called in to solve the problem.
While DevOps promises a better and tighter integration among an organization’s development and operation teams and transforms an application life cycle into a continual deployment, Chef and Azure together provides a speedy, cost-effective and highly scalable vehicle for realizing the business values of this transformation. In his session at @DevOpsSummit at 19th Cloud Expo, Yung Chou, a Technology Evangelist at Microsoft, will present a unique opportunity to witness how Chef and Azure work tog...
As applications are promoted from the development environment to the CI or the QA environment and then into the production environment, it is very common for the configuration settings to be changed as the code is promoted. For example, the settings for the database connection pools are typically lower in development environment than the QA/Load Testing environment. The primary reason for the existence of the configuration setting differences is to enhance application performance. However, occas...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.