Gartner Research

Application Control and Whitelisting for Endpoints

Published: 10 March 2011

ID: G00208636

Analyst(s): Daniel Blum


Application control and whitelisting solutions can put endpoints into a stronger default-deny posture against unknown and potentially malicious software. Solutions come from a variety of market segments and, because they offer a potentially powerful endpoint protection alternative, are gaining mind share and deployment. This assessment will explore the application control landscape and recommend strategies for adoption.

Table Of Contents

Summary of Findings


  • What Is Application Control and Whitelisting?
  • Use Cases
    • Protect Production Servers
    • Protect Embedded (or Fixed-Purpose) Devices or PCs
    • Protect Standard User, General Purpose PCs
    • Protect User Administered, General-Purpose PCs
    • Additional Use Cases
  • Application Control and Whitelisting Architecture and Requirements
    • Multiple Platform Support
    • Multiple Application Type Coverage and Browser Control
    • Robust Enforcement Agent
    • Trust Mechanisms
    • Application Inventory and Whitelist Creation
    • Commercial Whitelists and Graylists
    • Privilege Escalation
    • User Space Install Restriction
    • Management
    • Logging and Reporting
  • Market Landscape
  • Market Segments
    • Dedicated Application Control and Whitelisting Solutions
    • Anti-Malware Vendors
    • Vulnerability and PCLM
    • OS and Privilege Escalation/Management Solutions
    • Alternative Endpoint Protection Vendors
    • Content Control
    • Application Virtualization and Management
  • Future Market Direction


  • Take Inventory of the IT Environment and Constituencies
  • Determine the Role for Application Control in the Enterprise Security Architecture
  • Select an Appropriate Approach to Application Control
  • Couple Application Control with a Strategic Migration to a Standard User Deployment
  • Embrace Application Control as a Strategic Endpoint Protection Initiative
  • Take a Tactical Approach and Start with the Easier Use Cases
  • How to Follow the Road Map in Figure 2

The Details


Recommended Reading

©2021 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Become a client

Learn how to access this content as a Gartner client.