News

04:30 PM
Connect Directly
RSS
E-Mail
50%
50%

NIST Hash Lists Give A Boost To Positive Security On Windows

Software Reference Library includes legitimate software applications, images, and operating system files.

When implementing a positive security model on Windows, one useful resource is the NIST National Software Reference Library . NIST tracks a massive number of legitimate software applications, images, and operating system files, and makes lists of the resulting cryptographic hashes available. These hash lists can be imported into most whitelist systems. This may help reduce the stress associated with developing customized whitelists for a particular environment by seeding the list with a large number of known legitimate applications.

Bit9 also maintains a large free public interface to a large percentage of its application database. While the interface does not support exporting data into other whitelists, it's very useful for manual verification of binaries by administrators willing to do a little bit of extra legwork to configure their own whitelists.

Return to the main story:
Positive Security: Worth The Work?

Comment  | 
Print  | 
More Insights
Cartoon
White Papers
Register for Network Computing Newsletters
Current Issue
2014 State of Unified Communications
2014 State of Unified Communications
If you thought consumerization killed UC, think again: 70% of our 488 respondents have or plan to put systems in place. Of those, 34% will roll UC out to 76% or more of their user base. And there’s some good news for UCaaS providers.
Video
Slideshows
Twitter Feed