Freely subscribe to our NEWSLETTER

Allowlisting – also referred to as application whitelisting or application control – is documented in a number of government cybersecurity standards and/or regulations worldwide, including the U.S. Top 10 Mitigations, NIST 800-171, CMMC, Center for Internet Security Basic Six, ACSC Essential Eight Strategies to Mitigate Cyber Security Incidents, Canadian Top 10 IT Security Actions, and New Zealand Critical Controls.

Many cybersecurity solutions exist today that can block the execution of files on endpoint systems. Almost none offer the granular centralized control, the workflow support, or the operational flexibility required to cost-effectively support allowlisting in dynamic, enterprise computing environments.

Airlock reduces the support burden of allowlisting, utilizing easy-to-use workflows that prevent disruption to users. If a required application is blocked, IT teams, including non-cybersecurity staff, can simply and easily grant permissions to users with a range of one-time password (OTP) options.
In addition to one-time use and mobile OTP, the latest Airlock version 4.7 release provides a new codeless self-service capability, helping to maintain user productivity without compromising on security. Codeless self-service allows privileged users to self-administer temporary access to applications and scripts restricted to the general user base.

With the latest product enhancements, Airlock Digital has embraced a user-centric approach to allowlisting. Airlock offers the ability to control access for individual users or groups, in addition to devices, to give organizations additional flexibility and more streamlined workflows. This makes allowlisting with Airlock more practical to implement at scale and allows integration with privileged access management (PAM) solutions. Additional, more granular blocklisting criteria have been included to apply blocklist rules to specific enterprise security groups and operating system versions, ensuring that only appropriately privileged users can execute files across specific device types.
“By having more granular criteria for blocklisting rules, you can now easily operationalize your security policies,” says Daniel Schell, Co-Founder and Chief Technology Officer for Airlock Digital. “Based on Active Directory group membership, security administrators can easily block applications such as TeamViewer across the environment in a couple of clicks, while still allowing access for users that may need it.”

Airlock’s enhancements continue to add to its value as a strategic cybersecurity tool for achieving proactive endpoint protection. Another immediate benefit – simply achieved by blocking the execution of malware and restricting the ability to execute risky code – is reducing the number of security events that Security Operations Centre (SOC) teams must deal with.

Airlock also provides full visibility over all files running across endpoints, including their history and associated network activity, and can share this data with Security Information and Event Management (SIEM) platforms. With the latest release, Airlock cloud customers gain the ability to pull SIEM logs from the cloud via a REST API, removing the need to use a custom solution or expose ports to the Internet.