Whitelisting technology that prevents unauthorized software from running on corporate servers and PCs is a way to prevent malware attacks but managing the package keeps the Burton Group, a division of Gartner, from recommending it as a substitute for traditional antivirus software. Whitelisting technology that prevents unauthorized software from running on corporate servers and PCs is a way to prevent malware attacks but managing the package keeps the Burton Group, a division of Gartner, from recommending it as a substitute for traditional antivirus software.Whitelisting rather should be used as a “complementary” security defense because traditional antivirus software based on “blacklisting” to block and eradicate known malware can’t keep up these days, because attack software has become “so prolific,” according to the Burton Group’s “Application Control and Whitelisting for Endpoints” report published today.CASE IN POINT: Antivirus didn’t help in zero-day attack on power plantThat’s mainly because real-world whitelisting deployment “remains challenged by ever-changing user demands, platform complexity, and software complexity,” says Burton analyst Dan Blum in the report, which provides an exhaustive analysis of the many types of vendor software and methodologies offered to protect host-based computers through application controls that limit what can be run. The major uses for application control and whitelisting today are to lock down production servers and embedded or fixed-purpose devices and PCs. Deployment tends to be more complicated in enterprise deployments for general-purpose users that may have constantly changing application needs or wishes.The report provides an exhaustive summary of the various application-control products on the market today and the platforms they support (smartphones are largely missing). Burton Group details seven main categories of whitelisting software, noting that increasingly, whitelisting is available as capability that’s been integrated into software for life-cycle management or anti-malware. The Burton Group concludes that enterprises should consider application control and whitelisting as a “strategic or tactical approach to deployment” but “in either case, recognize that difficult learning curves for administrators and cultural changes for users may lie ahead.” In the end, it makes sense to start with the “easy, more static use cases” before jumping into use cases that are more complex and dynamic, the Burton Group report concludes.Read more about wide area network in Network World’s Wide Area Network section. Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe