Not a Gartner Client?
Want more research like this?
Learn the benefits of becoming a Gartner client.
Application control and whitelisting solutions can put endpoints into a stronger default-deny posture against unknown and potentially malicious software. Solutions come from a variety of market segments and, because they offer a potentially powerful endpoint protection alternative, are gaining mind share and deployment. This assessment will explore the application control landscape and recommend strategies for adoption.
Table of Contents
Summary of Findings
What Is Application Control and Whitelisting?
- Protect Production Servers
- Protect Embedded (or Fixed-Purpose) Devices or PCs
- Protect Standard User, General Purpose PCs
- Protect User Administered, General-Purpose PCs
- Additional Use Cases
Application Control and Whitelisting Architecture and Requirements
- Multiple Platform Support
- Multiple Application Type Coverage and Browser Control
- Robust Enforcement Agent
- Trust Mechanisms
- Application Inventory and Whitelist Creation
- Commercial Whitelists and Graylists
- Privilege Escalation
- User Space Install Restriction
- Logging and Reporting
- Dedicated Application Control and Whitelisting Solutions
- Anti-Malware Vendors
- Vulnerability and PCLM
- OS and Privilege Escalation/Management Solutions
- Alternative Endpoint Protection Vendors
- Content Control
- Application Virtualization and Management
Future Market Direction
- What Is Application Control and Whitelisting?
Take Inventory of the IT Environment and Constituencies
Determine the Role for Application Control in the Enterprise Security Architecture
Select an Appropriate Approach to Application Control
Couple Application Control with a Strategic Migration to a Standard User Deployment
Embrace Application Control as a Strategic Endpoint Protection Initiative
Take a Tactical Approach and Start with the Easier Use Cases
How to Follow the Road Map in Figure 2
- Take Inventory of the IT Environment and Constituencies