Behavioral Based, Signature Based and Whitelist Based Security - Pros & cons

There are several different approaches to IT security, including blacklisting, whitelisting, and behavioral based technologies, and there is an ongoing debate in the IT security industry over the efficacy - or lack thereof - of each of these approaches. In a recent interview, Mark Russinovich made a strong case for the idea that whitelisting will play a […]

There are several different approaches to IT security, including blacklisting, whitelisting, and behavioral based technologies, and there is an ongoing debate in the IT security industry over the efficacy - or lack thereof - of each of these approaches. In a recent interview, Mark Russinovich made a strong case for the idea that whitelisting will play a big role in the future of security. However, Larry Seltzer and others have expressed doubts that whitelisting can work.

In this article, we take a look at how each of these security approaches operates and the strengths and weaknesses of each, along with a brief discussion of sandboxing and virtualization as security mechanisms.

Full Article