Everyone in the security industry can agree that mid-sized to large enterprises have to embrace a custom whitelist security policy as opposed to the easier to install and administer blacklisting that simply can’t keep up with today’s threats.
However, anyone who has ever created or maintained a whitelist policy can attest, the process is never simple and it can quickly become overwhelming. Not to mention the drag on business productivity that exists while trying to implement overly complex whitelisting schemes.
In a time where security products and technologies are promising automation and simplicity, it begs the question, why haven’t we improved on whitelisting.
At Trusted Knight, using the Cloud-DMZ technology, we’ve modified whitelisting with a high degree of automation. By replicating the predictable content of a web application and serving requests from the cloud without accessing the actual web system, Cloud-DMZ mitigates the attack surface without the need for any security validation to be assigned.
Instead of inspecting all traffic this architecture now allows security operations to focus only on business-logic components, for which a smaller, focused and potentially automated whitelist validation policy can be used. Now, manageability is dramatically improved because security resources are freed to spend time refining and tightening this limited and highly focused whitelist.
The transformed whitelisting approach provided by Cloud-DMZ holds the promise of being less burdensome to implement and manage while delivering the level of security desperately required in the face of modern attacks.