Log In Register

Home » An Analysis of Whitelisting Security Solutions and Their Applicability in Control Systems

An Analysis of Whitelisting Security Solutions and Their Applicability in Control Systems

You must log in to view this white paper.

Login Now

Not a member yet? Register now.

Overview:

Whitelisting is described by its advocates as "the next great thing" that will displace anti-virus technologies as the host intrusion prevention technology of choice. Anti-virus has a checkered history in operations networks and control systems – many people have horror stories of how they installed anti-virus and so impaired their test system that they simply couldn't trust deploying it in production.

While anti-virus systems detect "bad" files that match signatures of known malware, whitelisting technologies identify "good" executables on a host and refuse to execute unauthorized or modified executables, presumably because such executables may contain malware. This is a least privilege approach of denying everything that is not specifically approved.

In this paper the Industrial Defender team performs an independent analysis of a variety of whitelisting solutions for their applicability to control systems. The paper closes with some recommendations related to this technology and areas for further research.

Lear more about Industrial Defender

Author: Andrew Ginter, ISP, CIPS, CISSP, Chief Security Officer, Industrial Defender, Inc. | File Type: PDF

Find more white papers on Intrinsic Safety, SCADA

View all white papers »

More content on this topic:

Free Subscriptions

Control Digital Edition

Access the entire print issue on-line and be notified each month via e-mail when your new issue is ready for you. Subscribe today.

  • Featured White Papers