Though application whitelisting has been around for several years I have worked for organizations with as few as 100 employees and as many as 3000 employees and none of them have used any products or induced any application whitelisting GPO’s to try to implement a solution such as this. I have read into ideas like this such as CoreTrace which state if you implement their product you will not have to install security patches, (stated on two websites currently).
That seems a bit rediculous to me considering that if there is a major security hole in ,say, your favorite browser I would want to install the patch for it right away no matter if I had this solution installed or not. This is a great idea but I don’t see any organizations stammering to get it on their list.
Has anyone else worked or are currently working with an organization that has such a process in place?