Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guide to Application Whitelisting

Published

Author(s)

Adam Sedgewick, Murugiah Souppaya, Karen Scarfone

Abstract

An application whitelist is a list of applications and application components that are authorized for use in an organization. Application whitelisting technologies use whitelists to control which applications are permitted to execute on a host. This helps to stop the execution of malware, unlicensed software, and other unauthorized software. This publication is intended to assist organizations in understanding the basics of application whitelisting. It also explains planning and implementation for whitelisting technologies throughout the security deployment lifecycle.
Citation
Special Publication (NIST SP) - 800-167
Report Number
800-167

Keywords

access control, application control, application whitelisting, information security, software security, whitelisting

Citation

Sedgewick, A. , Souppaya, M. and Scarfone, K. (2015), Guide to Application Whitelisting, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-167 (Accessed October 5, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created October 27, 2015, Updated October 12, 2021