When it comes to "doing the basics" application whitelisting (AWL) gets a bad rep. because it *is* a higher-friction control. But AWL doesn't have to mean going high-enforcement. Using platform app store settings is a great start, if it's what you can achieve. "Block and ask"++

Keith

@kwm

InfoSec Twitter loves to say "just do the basics." Then it attacks itself because some of the basics are hard.

But *enough* of the basics are easy+impactful enough that we'd better do 'em.

- Least priv
- Local firewalls
- Web proxy/filter

3/8/2018, 12:03:39 PM

Favs: 5

Retweets: 0

link

Keith

@kwm

When it comes to "doing the basics" application whitelisting (AWL) gets a bad rep. because it *is* a higher-friction control. But AWL doesn't have to mean going high-enforcement.

Using platform app store settings is a great start, if it's what you can achieve. "Block and ask"++

3/8/2018, 1:00:52 PM

Favs: 1

Retweets: 0

link