Protection of critical infrastructure computer systems from malware and zero-day exploits is imperative because critical systems provide for the well-being of the public by supplying valuable public resources, such as water, gas, and electricity. This paper explains whitelisting and its use to protect computers that provide a human-machine interface into systems that control critical infrastructure operations, such as those found in utilities. Whitelisting is discussed in detail, as well as how it differs from traditional antivirus software, or blacklisting, and why whitelisting lends itself to use on critical infrastructure computers more favorably than traditional antivirus software. This paper also discusses misunderstandings in the use of whitelisting while supporting and promoting the use of both whitelisting and blacklisting as a means to increase the security posture of computer systems and even protect them from zero-day and other malware exploits.