enterprisesecuritymag

Airlock Enhances its Allowlisting Solution to Further Block Ransomware and Zero-Day Attacks

Enterprise Security Magazine | Friday, April 09, 2021

Airlock eases the burden of allowlisting support by using simple workflows that minimize user disruption. If a required application is blocked, IT teams, including non-security personnel, can grant permissions to users using multiple One-Time Password (OTP) options.

FREMONT, CA: Airlock Digital, a practitioner-built cybersecurity company, continues to improve its industry-leading allowlisting solution to further block malware, ransomware, and zero-day attacks and help IT and cybersecurity teams comply with cybersecurity requirements and reduce allowlisting operational effort.

“There are many security products that can allow or block files. That is not the challenge,” says Airlock Digital Co-Founder, David Cottingham. “The challenge is how you instrument the allowlisting process to operationalize pro-active security controls.”

Allowlisting, also known as application whitelisting or application control, is documented in a number of government cybersecurity standards and/or regulations around the world, including the Top 10 Mitigations in the United States, NIST 800-171, CMMC, Center for Internet Security Basic Six, ACSC Essential Eight Strategies to Mitigate Cyber Security Incidents, Canadian Top 10 IT Security Actions, and New Zealand’s Top 10 IT Security Actions.

There are several cybersecurity solutions available today that can prevent files from being performed on endpoint systems. Almost none of them have the granular centralized control, workflow support, or organizational flexibility needed to support allowlisting in complex, enterprise computing environments at a reasonable cost.

“Codeless self-service aims to reduce friction and enables users to handle exceptions as quickly as possible, reducing overall business impact and work disruption,” says Cottingham. “Ultimately, organizations can choose how they want exception management to be used, in line with the organizations appetite for risk.”

Airlock eases the burden of allowlisting support by using simple workflows that minimize user disruption. If a required application is blocked, IT teams, including non-security personnel, can grant permissions to users using multiple One-Time Password (OTP) options.

“By having more granular criteria for blocklisting rules, you can now easily operationalize your security policies,” says Daniel Schell, Co-Founder, and Chief Technology Officer, Airlock Digital. “Based on Active Directory group membership, security administrators can easily block applications such as TeamViewer across the environment in a couple of clicks, while still allowing access for users that may need it.”

A new codeless self-service functionality is included in the latest Airlock version 4.7 update, in addition to one-time use and mobile OTP. This helps to retain user usability without sacrificing protection. Privilege users can self-administer temporary access to applications and scripts that are limited to the general user base using codeless self-service.

Airlock Digital has adopted a user-centric approach to allowlisting with the latest product enhancements. Airlock gives companies greater flexibility and streamlines workflows by allowing them to manage access for individual users or groups in addition to devices. This makes Airlock’s allowlisting more scalable and allows for integration with privileged access management (PAM) solutions. Additionally, more granular blocklisting standards have been added, enabling blocklist rules to be applied to particular enterprise security classes and operating system versions, ensuring that only properly privileged users can execute files across various device types.

Weekly Brief