← @kwm Twitter archive

Keith

@kwm

One reason why application whitelisting (AWL) adoption is still low despite being effective: AWL requires permanent change to IT operations, support processes. Domain whitelisting is similar. This is in contrast with the majority of "background" controls that users, IT expect.

3/10/2018, 10:50:32 AM

Favs: 7

Retweets: 3

Keith

@kwm

@strandjs makes an interesting recommendation re: application whitelisting deployment: Put end users in charge of decisions (block + ask).

InfoSec types have knee-jerk reactions to this, but at a macro level:

- AWL is in production
- User awareness isn't getting *worse*

3/10/2018, 10:54:41 AM

Favs: 3

Retweets: 0