[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] NSA's whitelisting approach economically blocks computer viruses
By Aliya Sternstein
Military computers soon will be configured to execute only
administrator-approved software applications in certain areas of a
computer, Pentagon officials told Nextgov. The Defense Department's
unique version of the "application whitelisting" approach focuses on
where downloads are allowed to launch in a system. It is intended to be
a relatively inexpensive protection against downloads that antivirus
programs fail to flag as threats.
"You can download it, but you can't install it," said Paul Bartock, a
technical director for the Information Assurance Directorate at the
Pentagon's National Security Agency, who helped develop the economical
One weakness with even the best antivirus programs is they blacklist
software only after it has been diagnosed as malicious. Unknown worms
can't be blocked. And hackers continuously tweak their code so it
However, NSA's approach in essence blocks every application from
executing until a network administrator has approved, or whitelisted,
it. Whitelisting is a recommended best practice, but Defense and
industry have lagged in adoption because of the staffing involved in
adding and removing applications from the list, NSA officials said.
Certified Ethical Hacker and CISSP training with Expanding Security gives
the best training and support.
Get a free live class invite weekly. Best program, best price.