Essential Eight Compliant

PC Matic Prevents Ransomware

There is a solution to defeating and preventing ransomware. It is called Application Allowlisting otherwise known as Application Control and is included in all three levels of the Essential Eight Maturity Model.
Essential Eight Application Control

Essential Eight
Maturity Model

The Essential Eight is a baseline of recommendations for all organizations to implement to best protect themselves against all cyber threats.

As one of the most essential layers, Application Allowlisting is included in every level of maturity. It is notable that it is also the first item mentioned in every Essential Eight structure. In order to prevent today's malware and ransomware, Application Allowlisting is critical. Without it, we are doomed to repeat our past failures that led to the current cyber landscape.

AWL's architecture prevents ransomware by strictly allowing good, authorized applications to enter and execute on any endpoint or server on the network. If any application has not been explicitly authorized, it is proactively blocked for future analysis. This default-deny-allow-by-exception architecture defeats ransomware and the reason behind the Essential Eight endorsement.

What is Application Allowlisting?

Application Allowlisting puts each IT organization squarely in control by strictly allowing authorized applications to execute on the network. If any program attempts to run without prior approval, it is blocked and hence no ransomware can enter the network.

No Victims

Unlike traditional security solutions, customer infections aren't required to strengthen the allowlist architecture


Local overrides can be added after prevention with a focus on accuracy and without concern for responding to an already active infection


The US National Institute of Standards and Technology (NIST) has released standards that require application allowlisting for compliance


Application allowlist updates are fast and protection levels don’t suffer without them; allowing for frequent offline use with peak security


The allowlist is lightweight and PC Matic has consistently won awards for AV performance against our competition


Adding local overrides to supplement the global allowlist requires significantly fewer IT resources than responding to constant detect and respond alerts

PC Matic represents a long overdue shift in cybersecurity to absolute prevention.

Today's threats to critical infrastructure, industry and all levels of government demand nothing less.

PC Matic's Multi-Layer Threat Prevention

PC Matic's global allowlist is the only one of its kind and has been curated for over a decade through tens of millions of endpoints and contains 26M+ different applications.

Global Allowlist

Our Global Allowlist is a master list of good applications that each endpoint can check via local definitions or the cloud.

Local Allowlist

Custom and low-frequency applications can be added locally by customers to augment the global allowlist.

Signature Allowlist

Good signed applications are added via the publisher's signature eliminating the need for allowlisting hashes for past and future applications.

Malicious Script Allowlist

Ransomware can be deployed via valid scripting applications which necessitated the creation of a scripting allowlist, the only one of its kind.

RDP Authentication Allowlist

Ransomware can be deployed through breached RDP ports. PC Matic authenticates the entering device to close this hole.

Microsoft Office Allowlist

Ransomware can be launched via macros in Office. PC Matic includes a allowlist of valid applications that can be launched through Office.

File Extension Allowlist

Ransomware can be executed through compromised file extensions. PC Matic has a allowlist of valid file extensions.

Local Directory Allowlist

Customers can allowlist a directory as a last resort, making it easier to write, test, and deploy custom code in their environment.

Conflict-Free Allowlisting

PC Matic is designed at its core to run alongside other security layers without conflicts. Adding application allowlisting into any existing security stack without compromising other layers or overall security has never been simpler. Experts recommend deploying a security stack with a layered approach to protect resources and data while using application allowlisting as the fail-safe layer. When other layers fail, PC Matic blocks malware from running on the workstation because it is not a known good application.

Built-In Remote Management Tools

PC Matic provides not only the industry recognized best method for preventing ransomware in Application Allowlisting, but also an array of built-in tools for businesses and Managed Service Providers to administer their devices from a multi-tenant cloud based or on premise management console.

Utilize a remote CMD prompt on each device.

Upload or download files to machines through an intuitive File Manager.

Take full remote control through a fast and reliable VNC connection.

Monitor & control Remote Desktop Protocol connections.

and much more!