Application control, through whitelisting or blacklisting, reduces endpoint attack surface and is important to a well-rounded security strategy. Tanium Protect empowers organizations to restrict application execution with lightweight, natively available security controls and provides near-real-time visibility of attempted violations.
In the video below, we show you how you can use Tanium Protect to create, deploy and query an application whitelist. Using AppLocker policies, you can prevent unwanted executables from running on your endpoints, or only allow certain applications to run on endpoints.
In this Tanium Community best practice blog, we explain how to use Tanium Protect for blacklisting through an example of blacklisting the application DropBox and show how you can use Tanium Protect capabilities to prevent an unwanted application from running in your environment.