Builds provenance repository of allow lists
Security start-up SignaCert Inc has won a vote of confidence from Microsoft over the use and development of its whitelisting security methods.
The Portland, Oregon-based business announced that its neighbours up in Redmond had agreed to start sharing data for use in its whitelist security database, with the start-up announcing that it would be “working with Microsoft to exchange known-provenance whitelist methods, standards, and content.”
Whitelist methods are supplementing the usual blacklist anti-virus approaches to ensure that only authentic and authorised software can to be loaded and executed on a PC. The process is usually developed around a repository of known-provenance and vendor-independent software measurements, which are known as whitelists or allow lists.
One of the challenges of the technique is coming up with a definitive list of trusted software.
SignaCert’s database, which is called the Global Trust Repository, works as a service that businesses can subscribe to gain access to its known-provenance whitelist measurements.
Having Microsoft and other independent software vendors provide inputs to the database is seen as step that will improve the reliance of the whitelists.
The company describes its database as a collection of software measurements that it obtains through direct partnerships with software vendors covering a broad range of operating systems, device drivers, and applications. “This known-provenance approach is in stark contrast to competitive signature repositories, which rely on indiscriminate web-scraping technologies resulting in extremely unreliable and frequently misleading data.”
Vendors of more traditional security tools maintain that neither blacklisting or whitelisting is sufficient, and that software is needed which assesses the reliability of an application that is based on its history and its reputation.
Analysts argue that the debate isn’t an either/or alternative. All of these methods need to be absorbed as foundation methods of next-generation system security.
SignaCert also said it would now be acting as a trusted third-party to aggregate Microsoft and other ISV software measures as a part of Global Trust Repository. For Microsoft, the move adds deep software object reputation services to be delivered under the Microsoft Security Advisory Service (MSAS) branding.
SignaCert was set up more than four years ago by Tripwire founder Wyatt Starnes. The business has just closed a new round of financing, meaning it has raised a total of $17 million from investors such as Intel Capital and Portland-based SmartForest Ventures.