Tooting our own horn a bit here: Bit9 was just awarded two government awards – the “Best Anti-Malware Solution” from Government Security News’ Homeland Security Awards and the American Security Challange 2010 Pilot Award.
Government agencies have increasingly been adopting Bit9 Parity application whitelisting to defend against the “Advanced Persistent Threat” and some examples of the company’s traction in government include:
- Numerous government-wide acquisition contracts (GWACs) spanning GSA, NASA SEWP, and Defense IDIQ contract vehicles ENCORE II (small & large business), ITES-2S and NETCENTS
- Strategic alliances with federally focused organizations including CACI, Iron Bow Technologies, Lockheed Martin IS&GS and TKC IS
- Partnerships with Guidance Software and Mandiant
- Integrations with ArcSight, BigFix and Symantec
- Evaluation for certification to Common Criteria Evaluation Assurance Level 2+
- Strong commitment to preventing targeted cyber attacks with recent launch of Bit9 Cyber Forensics Service™
Why does the Government need advanced threat protection such as application whitelisting? Government agencies at all levels are entrusted with sensitive information. Managing the risks associated with this information is critical not only for government security but also to ensure citizens’ confidence in public services. The attacks coming from China dubbed Operation Aurora at the beginning of the year provide the best motivation.
The Intelligence Community, among others, is advocating the approach of default deny – or restricting applications as an important security approach. In their operating system guidelinace, it says “an application whitelisting technique significantly increases the security posture of the domain by preventing some malicious programs from executing.” While they are discussing Software Restriction Policies in this instance, the precursor to AppLocker, the technique and end result is the same. This whitepaper goes in depth into the differences between application whitelisting and AppLocker.
