Application Allow List
The application allow list has a clear purpose, which is to specify a roster of approved applications that are permitted to execute while blocking unauthorized or potentially malicious software from gaining a foothold. This can be done by creating a whitelist, which is a list of approved applications that will deny access to any application not on the list.
Let’s say, for example, we have two problems with our network: a user called Bob who keeps installing games on his corporate computer, and a ransomware attack that installed malware and encrypted sensitive data. To prevent this from happening again, we need to create an allow list (also called a whitelist), which is a list of allowed applications. With an active allow list, your network knows to disallow all applications that are not explicitly permitted, meaning that any other applications or malware Bob or any other user attempts to install will be instantly blocked.