Application Whitelisting

Quickly Deploy the Most Secure Application Whitelisting

Application whitelisting adds a critical layer of defense against evolving threats such as zero-day attacks that endpoint anti-malware frequently fail to detect. But most of today’s whitelisting products are too difficult to deploy, time-consuming to manage, and reliant on a centralized database. Our application whitelisting is easy to deploy, transparent to existing operations and the most secure application whitelisting for Retail POS systems and industrial control systems.

There is no silver bullet in information security, but if managed correctly application whitelisting solutions at the endpoint provide exceptional protection from zero day and targeted attacks.
- The Power of Whitelisting, Neil MacDonald, Gartner



Deploy Application Whitelisting in Minutes

Our agents install in minutes and begin protecting endpoint systems immediately. Our software doesn’t require you to determine in advance which applications and libraries are required by each user. Once installed the Savant agent automatically creates a unique whitelist that determines what executables are permitted to run on that device.

Block Unknown and Unauthorized Executables on Workstations, Servers, POS Devices and Industrial Controls

Our agent prevents new unauthorized applications from being installed. Upon confirmation of the approved whitelist, execution of any unauthorized application will be blocked, whether malicious applications (such as viruses, Trojans, or Bots) or unwanted/unknown applications. It is proven in the most critical environments such as Retail POS and industrial control systems.

Automate Application Whitelisting Management

Through the designation of trusted agents, our software enables you to use your normal methods for patching, updating and installing software without having to explicitly look at or manage a whitelist. This trusted agent feature allows organizations to efficiently keep all authorized applications on endpoints updated and patched without requiring any additional intervention by the end user or IT.

Prevent Unauthorized Changes to Applications & Executables

This agents block any attempts at unauthorized additions, deletions or modifications and log both authorized changes and unauthorized attempts.

Stop Malware Before It Lands

Our agents keep hard drives clear of dangerous executables that may attempt to relaunch in the future.

Automate Containment

If pre-existing malware or malicious code goes undetected by scans and antivirus prior to the installation and creation of the initial whitelist, our agent will automatically contain any potential negative effects from the presence of that malware only to that device.

Why Digital Guardian for Application Whitelisting

1

MORE SECURE BECAUSE THE WHITELIST IS STORED LOCALLY AND PROTECTED FROM ALL ACCESS.

Only Digital Guardian uses a patented, encrypted whitelist on each endpoint. The whitelist is always stored locally, encrypted and protected from all access by the driver.

2

STOPS PROLIFERATION OF ANY POTENTIAL COMPROMISE TO OTHER ENDPOINTS.

Our unique whitelist on each endpoint prevents propagation of any malware that might somehow slip through.

3

STRONGER SECURITY BECAUSE THERE IS NO SINGLE POINT OF FAILURE.

Many application whitelisting products use a centrally managed whitelist. With this approach a compromise of the central whitelist or global software registry is a compromise for all systems.

4

GREATER FLEXIBILITY THROUGH A COMPLETE CLIENT USER INTERFACE (UI).

Our local UI enables our agent to work both on and off the network and supports total lockdown of industrial systems that are completely network disconnected. It also enables authorized users to install software seamlessly.


How it Works

DVC 1

Our software associates a unique, invisible key with each authorized application (including associated components and identified scripts) on each end system. When an executable file is read or accessed, our agent compares the previously known key with the key that is presented. If there is a match, the application is allowed to execute on the system. If there is not a match or the application is unknown, access to the CPU is denied. In lockdown mode, new executable files are prevented from even being written to disc. In a more open environment where users may be granted more flexibility in adding software to their devices, options are presented for handling the unknown application.

Digital Guardian for Application Whitelisting Datasheet

Learn how you can quickly deploy the most secure application whitelisting

Read now

DG Application Whitelisting Technical Overview

Get the technical details on how Digital Guardian’s delivers advanced application whitelisting.

Get the whitepaper

Free Trial 2016 Gartner DLP MQ Contact Us