• BOUNCER by CoreTrace
  • Product Overview
• Benefits of BOUNCER
  • Overview of Benefits
  • Malware Threats
  • User-Privilege Threats
  • Configuration Lockdown
• Features of BOUNCER
  • Overview of Features
  • Trusted Change
• Regulatory Compliance
  • Overview of Compliance
  • NERC CIP
  • PCI DSS
  • NIST sp800-53
  • The Sarbanes-Oxley Act
  • HIPAA
• Industry Solutions
  • Overview of Solutions
  • Engineering and Utilities (SCADA)
  • Hosted VoIP Providers
  • Government
• Roles & Responsibilities
  • Overview of Use by Role
  • IT Administrators
  • IT Managers
  • Executives

• Join LinkedIn Group: "SCADA / Control System Security Professionals"
• Join LinkedIn Group: "Application Whitelisting Professionals"
• Watch CoreTrace CEO Toney Jennings' interview with Richard Stiennon at RSA 2009

Change-ready Application Whitelisting

In order to effectively lower TCO, Application Whitelisting solutions MUST have some way of automating changes to protected systems. Any solution that cannot is a form of "lockdown" — where every single installation, upgrade, or update sits in a queue waiting for IT staff to evaluate, approve, or deny the change. You get complete control but at a huge cost in person-hours and user frustration.

Trusted Change is BOUNCER's patent-pending answer to lockdown. By allowing several trusted ways in which users can upgrade their systems or install new, approved applications, BOUNCER lowers endpoint TCO and IT frustrations while maintaining rock-solid security at all points in the chain.

You define the boundaries of trust in advance, and you base them upon what makes sense for your enterprise, e.g.,

• Do you use a network software share, or maybe one by each department?

• Do you have a patch management system that automates delivery to endpoints?

• Do you want users to be able to download applications digitally signed by a particular company (including your own)?

• Do you have road-warriors or other users that need to install new applications or drivers while traveling and disconnected from your network?

However you choose to define trust in your enterprise, BOUNCER's Trusted Change can work with you. Users operate within your pre-defined parameters to install applications. Once a change is complete, BOUNCER automatically generates a delta whitelist and records the configuration change for reporting purposes. Users are happy, safe and productive, and the your IT team is not crushed under an ongoing barrage of reactive help desk calls.

You can define trusted entities in multiple ways, e.g.,

• Trusted Application:

  Any individually approved application (verified by the size and hash of its installer) can be installed.

• Trusted Network Share:

  Any secured organizational network share with preapproved applications can become a source of Trusted Change.

• Trusted Digital Signature:

  Any digitally signed applications can easily be installed or updated — even if they were released today and downloaded from the Internet.

• Trusted ActiveX Installation:

  BOUNCER version 5 presents an industry first — the ability to dynamically whitelist specific, authorized ActiveX installations.

• Trusted Updater:

  Any individually approved update system (such as a management application or patch management utility) can commit changes to the system.

• Trusted User:

  In certain environments, IT-specified Trusted Users can manually approve the installation of any applications, and then IT is notified of all changes.

How BOUNCER provides easy, immediate, and ongoing endpoint control

Supporting & Related Resources

• Brochure

  "Product Overview"

• Webinar

  "Application Whitelisting: How It Works for You and How It Eliminates Many IT Security Headaches!"

• Whitepaper

  "Special Report: Tenets of Endpoint Security"

Looking for more or maybe something else? Try the CoreTrace Resources section.

• Company
• Contact
• Support
• Site Map
• Legal
• Privacy Policy