NIST Hash Lists Give A Boost To Positive Security On Windows
Software Reference Library includes legitimate software applications, images, and operating system files.
When implementing a positive security model on Windows, one useful resource is the NIST National Software Reference Library . NIST tracks a massive number of legitimate software applications, images, and operating system files, and makes lists of the resulting cryptographic hashes available. These hash lists can be imported into most whitelist systems. This may help reduce the stress associated with developing customized whitelists for a particular environment by seeding the list with a large number of known legitimate applications.
More Security Insights
- The Untapped Potential of Mobile Apps for Commercial Customers
- Get Actionable Insight with Security Intelligence for Mainframe Environments
White PapersMore >>
Bit9 also maintains a large free public interface to a large percentage of its application database. While the interface does not support exporting data into other whitelists, it's very useful for manual verification of binaries by administrators willing to do a little bit of extra legwork to configure their own whitelists.
Positive Security: Worth The Work?