Consider Application Control

Gartner survey data found that more organizations are removing administrative rights on endpoint machines and using an application whitelisting technology to restrict use to approved applications. The restrictions limit the ability of an attacker to execute malware on the system. If an infection does take place, the low-level access of the system makes it difficult for the attacker to move to more sensitive systems. Whitelisting vendors can be set to “monitoring only” mode, according to Gartner, giving them the ability to alert when suspicious executable files are detected. One problem: Attackers are using malware that no longer appear as an executable file. Experts tell itbestofbreed.com that modern whitelisting products can detect the threat.