Windows 7 - Review: Whitelisting security software comes of age

Review: Whitelisting security software comes of age

Remarkably good products from five vendors show that whitelisting may be the new best defense against modern malware.

By Roger A. Grimes
November 4, 2009 06:13 AM ET

InfoWorld - Whitelisting security has always taken a backseat to blacklisting approaches. After all, when there is far more good software running on computers and networks than bad software, it's just easier to block the bad than to approve all the good. But that was then, and this is now.

In 2009, the computer security defense world quietly marked a momentous threshold that should have us all looking anew at the value of whitelisting. Last year, the number of unique malicious programs and variants that were created outstripped all the legitimate software published in the world, straining the accuracy of anti-virus solutions like never before. It's a disturbing fact that suggests whitelisting is now more suitable as a primary security defense than traditional anti-virus scanners, which are really nothing more than blacklisting programs.

[ Read the individual reviews of Bit9 Parity Suite, CoreTrace Bouncer, Lumension Application Control, McAfee Application Control, and SignaCert Enterprise Trust Services. Compare the capabilities of Microsoft AppLocker, the whitelisting feature included in Windows 7 and Windows Server 2008 R2. ]