My Take on Application Whitelisting

One of the recent thoughts that I have notices in the last year in discussions with friends in the industry is that whitelisting is of no use do to:

* "It is hard to do"
* "Bypasses exist so why do it"
* "It does not scale"


Those are the 3 most common ones I have heard with my discussions over drinks, chat rooms and lobbycon sessions with friends. I would like to try to address why for me they are not valid and share my thought process and to the why.

Read More