Airlock Digital v4.5- New Features!

, ,

Application control and Application Whitelisting is the number 1 mitigation strategy as directed by the ACSC and  Australian Signals Directorate’s Essential Eight framework. Airlock Digital  Application control and Whitelisting platform continues to mature and serve as a comprehensive solution for organisations to use it across their entire environment . Airlock Digital is an Austrlian sovereign,  purpose-built,  application whitelisting  and safelisting platform designed to perform application whitelisting at scale, making application whitelisting, safelisting, and blocklisting  simple in complex and changing enterprise environments.  The platforms allows for creating, deploying and managing application whitelists at a rapid pace, enabling organisations to become secure and compliant, quicker.

What’s new in v4.5 

CrowdStrike Integration: CrowdStrike Falcon customers are able to trace blocks and audit exceptions, manage their safelists and more through Crowdstrike’s Falcon Dashboard from the Airlock web management console. CrowdStrike customers can also start atrial of Airlock from with-in the CrowdStrike Store and manage deployment of Airlock capability via the Falcon Sensor.

Application whitelisting for Linux:  New Linux agent support now allows Airlock customers to implement application whitelisting and system hardening on Linux servers and workstations.

Roles and Group-based filtering and restriction:  Assign users to only see and manage computers in certain policy groups, useful for managing different teams looking after different servers and workstations, making the management of large user groups significantly easier.

Parent Process Whitelisting & Blacklisting: Administrators can define trusted applications that can be used to execute code on a system, particularly useful for developers that may require the ability to compile and execute unsigned code from a particular application without restriction.

Offline Application Captures: Updates now allow for Application Captures to be performed offline without an Airlock server connection and can be initiated without requiring server access, helping improve the speed and flexibility of capturing applications.

Learn More about Airlock Digital | Request a Demo 

Source: https://www.airlockdigital.com/airlock-v4-5-released-linux-enforcement-agent-crowdstrike-integration-rbac-etc/

 

How to Defend against Ransomware with Application Whitelisting

,

Ransomware Continues to plague cybersecurity organisations all across Australia. According to Business News Australia, Small-to-medium-sized enterprises (SMEs) in Australia and New Zealand hold the highest rate of Ransomware attacks in the world.  The best way to combat the rising ransomware attacks is through effective Application Whitelisting

In the first quarter of 2020, ransom demands made by operators rose significantly, increasing by 33 percent quarter-on-quarter. Meanwhile, the average ransom payout is currently at $111,605, and is often paid by large enterprises.

This statistic should come as no surprise for Australian cybersecurity experts who are actively trying to keep the bad actors at bay. Ransomware, refuses to go away and moreover continues to evolve by becoming more potent than ever.

The most recent ransomware making headlines is Sodinokibi is now known to penetrate locked and encrypted files. Along with Phobos and Ryuk it’s one of the top three ransomware families globally.

What is Ransomware

 

How to Protect Against Ransomware?

The only effective defence against Ransomware is Application Whitelisting. A critical part of the ASD Essential Eight, Application Whitelisting is proactive and often the most secure layer in an environment.

Application Whitelisting is now available as a mature solution and can be deployed across an organisation’s entire environment as a part of their layered security approach.

Another benefit of Application Whitelisting is the ability to have increased visibility of endpoint applications and block threats before they can reach any part of the network.

Additionally, to stop Ransomware and malware in dynamic environments, file-level whitelisting is an essential tool across the entire organisation including helpdesk, administrators and management.

 

Airlock Digital and Achievable Whitelisting

Airlock Digital offers workflow-based Application whitelisting that excels in dynamically changing environments. Airlock Digital is a proactive solution and prevents any malicious code from running, thereby reducing any damage to the network

With Airlock Digital, Application whitelisting is simple and repeatable and provides a centralised overview of all files within an organisation.  Additionally, Airlock Digital is lightweight, proactive, and a key component in helping organisations achieve compliance with the ASD Essential Eight, PCI-DSS and HIPAA.

 

Summary

As Ransomware continues to evolve and grow, its important for organisations to have a multi-layered and effective security approach in place. Organisations, which have not yet implemented Application Whitelisting need to include this strategy as a proactive barrier against Ransomware.

Read what the ACSC has to say about Application Control and Application Whitelisting.

Watch the video from Airlock Digital HERE. Sign up for a Demo

 

Sources:

https://www.itproportal.com/news/sodinokibi-ransomware-can-now-penetrate-locked-files/

https://techtalk.pcmatic.com/2018/08/16/ransomware-application-whitelisting/

https://www.businessnewsaus.com.au/articles/australian-smes-hit-hardest-in-the-world-by-ransomware-attacks.html