Do you Control Thy Apps?

Application Control or Restriction policies are a very powerful security control solution. It is a very powerful way of doing things, but it is also the least deployed feature from what I have seen in all the PC and VDI deployments I have worked with over the past 19 years too.

With the release of Windows XP release in 2001 is when Software Restriction Policies first arrived and then renamed to AppLocker when Windows 7 was released. Without an application execution restriction system then you are at risk for sure even with an Antivirus solution deployed too. When execution is unrestricted and phishing email is sent with a malicious executable your only hope is your AV solution to know it is bad and block it. Defense in depth is a basic security strategy to use solutions in a layered methodology to attempt to secure the gaps between the solutions and provide an overall more secure deployment. Using Application Control\Allowlisting is a key component of any Windows security strategy.

b.    Microsoft has gone over many generations\eras of their enterprise product offerings and that hasn’t helped bolster this AppLocker ability. Most of the news at these events are about the next release and just a quick overview of some of the features that are deemed most relevant in a pile of features that have been continually added.

Leave a Comment