Reply To: It’s not just EXEs that can be malware. Does WLC take note of other stuff?

Forums WhitelistCloud Support Forum General WhitelistCloud Discussions It’s not just EXEs that can be malware. Does WLC take note of other stuff? Reply To: It’s not just EXEs that can be malware. Does WLC take note of other stuff?

    Dan
    Keymaster
    US
    Yes, it is funny that you should ask. I started the day with a few simple tests, then one thing kind of led to another, and I ended up testing many different deny-by-default products.

    As it turns out, the parent / child process mechanism that I have talked about for years now works better than I ever thought it would. Simple whitelisting by the single executable’s path is no longer an effective mechanism to stop malware. The entire attack chain should be considered (parent, child, etc), and I am finding this to be the exception rather than the rule. So VS might be overkill, but that is only because it actually functions as a true deny-by-default.

    I will probably create a video on this, it is quite interesting what I found.

    1
    0