View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Lumension updates endpoint management platform

Application whitelisting mixed with AV is the best protection, company claims

By Steve Evans

Lumension has extended its Endpoint Management and Security Suite (LEMSS) by adding its Endpoint Integrity Service (LEIS) into the platform, along with Intelligent Whitelisting features.

LEMSS 7.2 allows companies to discover and verify the authenticity of all applications on their endpoint devices. It references the NIST National Software Reference Library (NSRL) to validate executables from original software vendors, Lumension said. It also uses an application trust rating to advise users whether certain applications should be allowed to run.

The company says that vulnerabilities in third-party applications have tripled over recent years.

The company adds that integrating LEIS with LEMSS will help users to identify potentially harmful "grey" applications, and improve app visibility across the endpoint environment.

This method of application control or whitelisting is more effective than the traditional blacklisting approach to security, Lumension SVP Alan Bentley told CBR. He said the company uses a three-prong approach to it.

"For us it is a combination of application control, patching and antivirus. It puts the endpoint into a more proactive security state. In one place you can mitigate against advanced persistent threats (APTs), zero-day threats, unique malware and malware that is trying to identify known vulnerability vectors."

"For any software to do anything it has to execute in memory, so that’s where application control comes in," Bentley continued. "Whitelisting will not allow anything to execute that has not been approved."

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

Lumension’s LEMSS platform relies on the whitelisting technology to block any application that could be harmless. The antivirus element will then remove it from the endpoint device, if it is indeed malicious, Bentley said.

LEMSS 7.2 will be available in June 2012 and a mobile device management (MDM) capability, designed to help organisations cope with the BYOD craze, will be added by the end of the year, Bentley confirmed to CBR at this year’s InfoSec conference in London.

At last year’s event CBR caught up with CEO Pat Lawson. You can read the full Q&A here.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU