Security Bullet In
Communiques from the security front, sir
Tuesday 25 September 2007, 12:19 PM
Kaspersky to concentrate on whitelisting
Antivirus company Kaspersky will concentrate on whitelisting in version 8.0 of its enterprise security software, according to David Em, senior technology consultant for Kaspersky.
The company already uses some digital certificates to authenticate applications -- it plans to move more in this direction.
"Application integrity control prevents external processes such as malware injecting code," said Em at the IDC's IT Security conference 2007. "We want to take it to the next step."
However, Richard Jacobs, chief technology officer of Sophos, a rival to Kaspersky, said in a speech at the conference that application whitelists can cause "systems paralysis".
"Avoid application whitelist paralysis," said Jacobs. "Whitelists just don't work -- they're too intrusive."
I suppose IT managers will have decide for themselves based on their own systems requirements.
Previous
