Traditional virus scanners have struggled to keep pace with the threats, with systems that are protected by up-to-date antivirus software often getting hit by malware.
To be effective, antivirus products need to be able to detect and block every bit of malware that attempts to run on a system. Because of this, malware developers pour a lot of effort into obfuscating their code, to make it more difficult for security products to detect.
Application whitelisting takes the opposite approach. Rather than block only known dangerous files, application whitelisting only allows known, trusted applications to launch. While new variants of malware may slip by an antivirus product, they will be blocked by a properly configured application whitelisting policy.
Defining which applications to trust can take a degree of effort to begin with, but since the application sets of most users don't change a great deal over time, the ongoing maintenance is minimal. We've found that environments that employ application whitelisting have far less need for IT support calls, meaning staff are more productive.
We have many years experience deploying technologies such as Airlock Digital and Microsoft AppLocker into a wide range of environments, and can ensure a smooth deployment that requires minimal upkeep.