As one of the most essential layers, Application Allowlisting is included in every level of maturity. It is notable that it is also the first item mentioned in every Essential Eight structure. In order to prevent today's malware and ransomware, Application Allowlisting is critical. Without it, we are doomed to repeat our past failures that led to the current cyber landscape.
AWL's architecture prevents ransomware by strictly allowing good, authorized applications to enter and execute on any endpoint or server on the network. If any application has not been explicitly authorized, it is proactively blocked for future analysis. This default-deny-allow-by-exception architecture defeats ransomware and the reason behind the Essential Eight endorsement.
Unlike traditional security solutions, customer infections aren't required to strengthen the allowlist architecture
Local overrides can be added after prevention with a focus on accuracy and without concern for responding to an already active infection
The US National Institute of Standards and Technology (NIST) has released standards that require application allowlisting for compliance
Application allowlist updates are fast and protection levels don’t suffer without them; allowing for frequent offline use with peak security
The allowlist is lightweight and PC Matic has consistently won awards for AV performance against our competition
Adding local overrides to supplement the global allowlist requires significantly fewer IT resources than responding to constant detect and respond alerts
Today's threats to critical infrastructure, industry and all levels of government demand nothing less.
Our Global Allowlist is a master list of good applications that each endpoint can check via local definitions or the cloud.
Custom and low-frequency applications can be added locally by customers to augment the global allowlist.
Good signed applications are added via the publisher's signature eliminating the need for allowlisting hashes for past and future applications.
Ransomware can be deployed via valid scripting applications which necessitated the creation of a scripting allowlist, the only one of its kind.
Ransomware can be deployed through breached RDP ports. PC Matic authenticates the entering device to close this hole.
Ransomware can be launched via macros in Office. PC Matic includes a allowlist of valid applications that can be launched through Office.
Ransomware can be executed through compromised file extensions. PC Matic has a allowlist of valid file extensions.
Customers can allowlist a directory as a last resort, making it easier to write, test, and deploy custom code in their environment.
Utilize a remote CMD prompt on each device.
Upload or download files to machines through an intuitive File Manager.
Take full remote control through a fast and reliable VNC connection.
Monitor & control Remote Desktop Protocol connections.
and much more!