What Is The Difference Between Whitelisting And Exclusions?
What is the exact difference between Whitelisting of Applications/Process and Exclusions of Application/Processes?
I am thinking that the Excluding the application/processes simply exclude their executables and not all other processes/services associated with them, while in Whitelisting both executable and associated processes/services are also considered, but I'm not sure about that. Its my guess only.
Comments
-
Whitelisting the applications has almost no chances for their maliciousness as they are authenticated by the vendor while since the Exclusions are added manually by the user, so their are chances that a malicious application can be added to it. Also Whitelisting will have fewer False +ves then Exclusions. Whitelisting will eliminates the headache at user's end to add the authentic and legitimate applications/softwares etc to execute properly. An example of Whitelisting is the "File Reputation" system introduced by some vendors.
0
