Sedgewick, A.
, Souppaya, M.
and Scarfone, K.
(2015),
Guide to Application Whitelisting, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-167
(Accessed October 6, 2025)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Guide to Application Whitelisting
Published
Author(s)
, , Karen Scarfone
Abstract
An application whitelist is a list of applications and application components that are authorized for use in an organization. Application whitelisting technologies use whitelists to control which applications are permitted to execute on a host. This helps to stop the execution of malware, unlicensed software, and other unauthorized software. This publication is intended to assist organizations in understanding the basics of application whitelisting. It also explains planning and implementation for whitelisting technologies throughout the security deployment lifecycle.Citation
Special Publication (NIST SP) - 800-167
Report Number
800-167
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
access control, application control, application whitelisting, information security, software security, whitelisting
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created October 27, 2015, Updated October 12, 2021