NIST Hash Lists Give A Boost To Positive Security On Windows

Software Reference Library includes legitimate software applications, images, and operating system files.

Jordan Wiens

September 17, 2008

1 Min Read
Network Computing logo

When implementing a positive security model on Windows, one useful resource is the NIST National Software Reference Library . NIST tracks a massive number of legitimate software applications, images, and operating system files, and makes lists of the resulting cryptographic hashes available. These hash lists can be imported into most whitelist systems. This may help reduce the stress associated with developing customized whitelists for a particular environment by seeding the list with a large number of known legitimate applications.

Bit9 also maintains a large free public interface to a large percentage of its application database. While the interface does not support exporting data into other whitelists, it's very useful for manual verification of binaries by administrators willing to do a little bit of extra legwork to configure their own whitelists.

Return to the main story:
Positive Security: Worth The Work?

About the Author(s)

Jordan Wiens

Jordan Wiens

Contributing Technology Editor

See more from Jordan Wiens
SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Sign-Up
More Insights
Webinars
More Webinars
Reports
More Reports
Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports
Live Events
More Live Events
May 2, 2024
While there are plentiful options in cyber resiliency and business continuity tools and platforms, there isn’t one that can knock out everything from sudden cloud outages to prolonged ransomware attacks in a single punch. What can you do to keep the company on its feet no matter what is thrown at it? Find out in this new virtual event.
Reserve Your Seat