The explosion in malware and vulnerabilities over the last several years has narrowed the usefulness of blacklisting technology. While still important, it can no longer remain the mainstay of the modern security program. A shift is needed, and whitelisting seems to be the answer. By allowing only trusted applications to execute on a system, organizations can beat hackers at the malware game by taking the ball and glove and quitting the game altogether.

Information security has become a hot button issue in corporate boardrooms as more data breaches make headlines. Security breaches impact a company's bottom line and thus no longer only require the attention of security personnel, but also the executive team, including the CEO.

Recognizing October as National Cyber security Awareness Month, Lumension Chairman and CEO, Pat Clawson, invited a handful of IT security industry leaders for 30 minutes of frank conversation on what is being done at the government level to reign in national cyber security efforts in the U.S.

Paul Henry, Security and Forensics Analyst for Lumension, discusses the impact of the October 2010 Patch Tuesday releases.

Traditionally, whitelisting and blacklisting - the foundation of antivirus - have been seen as opposing security solutions. With an exploding number of malware threats coming from third party applications, the two technologies are now "teaming up" to protect endpoints via a layered approach.

While whitelisting technology has evolved greatly from what it once was, common misperceptions remain that keep some security pros from considering the technology effective. Learn how all of them are no longer accurate and why.

Paul Henry, Security and Forensics Analyst for Lumension, discusses the impact of the September 2010 Patch Tuesday releases.

The practice of 'whitelisting' is actually one of the original computer security models. Twenty years ago, computers and devices used to arrive with all features, services, and ports turned off by default and that's where they stayed until someone enabled them through the process of whitelisting, which allowed only the running of known or good applications and features. Computers no longer arrive at our business or in our homes with all features locked down. Rather, they are now delivered with everything open and enabled. The idea of an application whitelisting approach to security seemingly all but died. What happened? Why was this effective security model all but abandoned? More importantly, why is it now coming back?

Paul Henry, Security and Forensics Analyst for Lumension, discusses the impact of the August 2010 Patch Tuesday releases.

In this video, security and forensics expert Paul Henry highlights: the shift in vulnerabilities from operating systems and servers to third party applications, why you must keep on top of updates beyond those from Microsoft, how vulnerability management has evolved from assessment to integrated assessment, patching and configuration remediation, three best practices to address effectively address this evolving risk