Your SlideShare is downloading. ×
0
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Developing Best Practices to Application Whitelisting: An In-Depth Technical Discussion

891

Published on

As IT professionals know, endpoint security needs are evolving: new vulnerabilities are disclosed every day, new malware creation is exploding, and traditional AV signatures cannot keep up. You know …

As IT professionals know, endpoint security needs are evolving: new vulnerabilities are disclosed every day, new malware creation is exploding, and traditional AV signatures cannot keep up. You know that patch management and AV are necessary – but not sufficient – layers of endpoint defense. Intelligent application whitelisting is an important addition to your risk mitigation strategy, and taking prudent measures to establish a best practices approach can help reduce costs and risks in the long term. View these slides to learn the recommended steps to check unknown executables on your endpoints as we dive into a technical discussion of what the critical items to address:

* Prepare – properly laying the groundwork for implementing application whitelisting is crucial to ultimate success.
* Lockdown – preventing unwanted or dangerous changes while providing necessary flexibility to support business needs.
* Manage – maintaining the environment as application, end user and business needs develop.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
891
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Developing BestPractices forApplicationWhitelistingAn In-Depth Technical Webcast
  • 2. Today’s Agenda Introduction Augment Your Defenses to Mitigate Zero-Days, with Lessons Learned from the Field • Laying the Groundwork • Creating Policies • Protecting Endpoints • Managing the Environment Q&A
  • 3. Today’s Panelists Douglas Walls David Murray Chief Information Officer Sr. Product Manager EMSolutions, Inc. Lumension3
  • 4. Why Application Whitelisting Is Important AVERAGE detection rate after 30 days = 62% Today’s Endpoint Security Stack Sources of Endpoint Risk AV 5% Zero-Days Device Control 30% Application Missing Patches Control 65% Patch & Configuration Management Misconfigurations4
  • 5. Benefits of a Solid Whitelisting ProcessMalware Costs Money Controlled Change is Good © Creative Commons / Kevin Dooley5
  • 6. Application Whitelisting Best Practices Laying the Groundwork Application Managing the Creating Whitelisting Environment Policies Process Protecting Endpoints6
  • 7. Laying the Groundwork
  • 8. Groundwork | Policies | Lockdown | ManagementClean Avoid End User Disruption • No need to reimage • Off-hours, thorough scan to remove known malware8
  • 9. Groundwork | Policies | Lockdown | ManagementScan9
  • 10. Groundwork | Policies | Lockdown | ManagementOrganize10
  • 11. Groundwork | Policies | Lockdown | ManagementDenied Apps Eliminate unknown or unwanted applications on your endpoints User Endpoint ViewAdmin Console ViewPrevent applications from executingeven while endpoints are in monitormode only11
  • 12. Creating Policies
  • 13. Groundwork | Policies | Lockdown | ManagementTrusted UpdaterAutomated whitelist maintenance reduces workload13
  • 14. Groundwork | Policies | Lockdown | ManagementTrusted PublisherAutomated whitelist maintenance reduces workload14
  • 15. Groundwork | Policies | Lockdown | ManagementTrusted PathAutomated whitelist maintenance reduces workload15
  • 16. Groundwork | Policies | Lockdown | ManagementMonitor Stabilize Whitelist Maintenance • Full visibility into unaccounted for changes (good and bad) • Accommodate variations • Reduce maintenance workload16
  • 17. Groundwork | Policies | Lockdown | ManagementLocal Authorization Effectively Balance Security and Productivity • End user flexibility • “Third Way” between Monitor and LockdownAdmin Console View User Endpoint View17
  • 18. Protecting Endpoints
  • 19. Groundwork | Policies | Lockdown | ManagementEnforce Easy Transition • Minimize disruption • Provide flexibility • Minimize workload19
  • 20. Groundwork | Policies | Lockdown | ManagementFine-TuneThink Globally, Act Locally• Harmonize where appropriate• Anticipate future needs20
  • 21. Managing the Environment
  • 22. Groundwork | Policies | Lockdown | ManagementControl Is this a Known Bad? Should my Is this a users have this? Known Good? What is trying to install this? Is this Unwanted? Who wrote this? Where did this come from?22
  • 23. Groundwork | Policies | Lockdown | ManagementAdaptDevelop processes• Changes in environment• Changes in end user needs• Changes in business needsCreate flexibility to balancesecurity with productivity acrossentire organization © Creative Commons / Bruce Tuten23
  • 24. Q&A
  • 25. More Information• Free Security Scanner Tools • Get a Quote (and more) » Application Scanner – discover all the apps http://www.lumension.com/ being used in your network intelligent-whitelisting/buy-now.aspx#7 » Vulnerability Scanner – discover all OS and application vulnerabilities on your network » Device Scanner – discover all the devices being used in your network http://www.lumension.com/Resources/ Security-Tools.aspx• Lumension® Intelligent Whitelisting™ » Online Demo Video: http://www.lumension.com/Resources/ Demo-Center/Endpoint-Security.aspx » Free Trial (virtual or download): http://www.lumension.com/ intelligent-whitelisting/free-trial.aspx25
  • 26. Global Headquarters8660 East Hartford DriveSuite 300Scottsdale, AZ 852551.888.725.7828info@lumension.comhttp://blog.lumension.com

×