Whitelist
from Wikipedia

A whitelist or allowlist is a list or register of entities that are being provided a particular privilege, service, mobility, access or recognition. Entities on the list will be accepted, approved and/or recognized. Whitelisting is the reverse of blacklisting, the practice of identifying entities that are denied, unrecognized, or ostracized.[citation needed]

Email whitelists

Spam filters often include the ability to "whitelist" certain sender IP addresses, email addresses or domain names to protect their email from being rejected or sent to a junk mail folder. These can be manually maintained by the user[1] or system administrator - but can also refer to externally maintained whitelist services.[citation needed][2]

Non-commercial whitelists

Non-commercial whitelists are operated by various non-profit organizations, ISPs, and others interested in blocking spam. Rather than paying fees, the sender must pass a series of tests; for example, their email server must not be an open relay and have a static IP address. The operator of the whitelist may remove a server from the list if complaints are received.[citation needed][3]

Commercial whitelists

Commercial whitelists are a system by which an Internet service provider allows someone to bypass spam filters when sending email messages to its subscribers, in return for a pre-paid fee, either an annual or a per-message fee. A sender can then be more confident that their messages have reached recipients without being blocked, or having links or images stripped out of them, by spam filters. The purpose of commercial whitelists is to allow companies to reliably reach their customers by email.[citation needed]

Advertising whitelist

Many websites rely on ads as a source of revenue, but the use of ad blockers is increasingly common.[citation needed] Websites that detect an adblocker in use often ask for it to be disabled - or their site to be "added to the whitelist"[4] - a standard feature of most adblockers.[citation needed]

Network whitelists

LAN whitelists

A use for whitelists is in local area network (LAN) security. Many network admins set up MAC address whitelists, or a MAC address filter, to control who is allowed on their networks. This is used when encryption is not a practical solution or in tandem with encryption. However, it's sometimes ineffective because a MAC address can be faked.[citation needed]

IP whitelist

Firewalls can usually be configured to only allow data-traffic from/to certain (ranges of) IP-addresses.[citation needed]

Application whitelists

One approach in combating viruses and malware is to whitelist software which is considered safe to run, blocking all others.[5][6][7][8] This is particularly attractive in a corporate environment, where there are typically already restrictions on what software is approved.[citation needed]

Leading providers of application whitelisting technology include Bit9, Velox, McAfee, Lumension, ThreatLocker, Airlock Digital and SMAC.[9][10][11]

On Microsoft Windows, recent versions include AppLocker, which allows administrators to control which executable files are denied or allowed to execute. With AppLocker, administrators are able to create rules based on file names, publishers or file location that will allow certain files to execute. Rules can apply to individuals or groups. Policies are used to group users into different enforcement levels. For example, some users can be added to a report-only policy that will allow administrators to understand the impact before moving that user to a higher enforcement level.[citation needed]

Linux systems typically have AppArmor and SELinux features available, which can be used to effectively block all applications that are not explicitly whitelisted; commercial products are also available.[12]

HP-UX introduced a feature called "HP-UX Whitelisting" in version 11iv3.[13]

Controversy regarding name

In 2018, a journal commentary on a report on predatory publishing[14] was released making claims that "white" and "black" are racially charged terms that need to be avoided in instances such as "whitelist" and "blacklist". The journal became mainstream in Summer 2020 following the George Floyd protests in America[15] wherein a black man was murdered by an officer, sparking protests on police brutality.

The premise of the journal is that "black" and "white" have negative and positive connotations respectively.[14] It states that since "blacklisting" was first referred to during "the time of mass enslavement and forced deportation of Africans to work in European-held colonies in the Americas," the word is therefore related to race. There is no mention of "whitelist" and its origin or relation to race.

This issue is most widely disputed in computing industries where "whitelist" and "blacklist" are prevalent (e.g. IP whitelisting[16]). Despite the commentary nature of the journal, some companies and individuals in others have taken to replacing "whitelist" and "blacklist" with new alternatives such as "allow list" and "deny list".[17] Those adopting this change consider using the "whitelist"/"blacklist" names as a code smell.[18]

Those that oppose these changes question its attribution to race, citing the same etymology quote that the 2018 journal uses.[17][19] According to the remark, the term "blacklist" evolved from the term "black book" about a century ago. The term "black book" does not appear to have any etymology or sources that support racial associations, instead originating in the 1400s as a reference to "a list of people who had committed crimes or fallen out of favor with leaders", and popularized by King Henry VIII's literal use of a black book.[20] Others also note the prevalence of positive and negative connotations to "white" and "black" in the Bible, predating attributions to skin tone and slavery.[21] It wasn't until the 1960s Black Power movement that "Black" became a widespread word to refer to one's race as a person of color in America[22] (alternate to African-American) lending itself to the argument that the negative connotation behind "black" and "blacklist" both predate attribution to race.

from Grokipedia
A whitelist, also referred to as an allowlist, is a and mechanism that explicitly approves a predefined list of trusted entities—such as addresses, IP addresses, domain names, or software applications—while denying access or execution to all others by default. It is used in various fields, including cybersecurity, and content filtering, and . This approach contrasts with , which blocks specific threats but permits everything else, and is widely used to enhance by enforcing a . In , whitelisting restricts inbound and outbound traffic to only verified sources, commonly implemented in firewalls and filters to prevent spam, , and unauthorized intrusions. For application control, it limits software to vetted programs, reducing risks from and zero-day exploits, as recommended by frameworks like those from the National Institute of Standards and Technology (NIST). The term "whitelist" first appeared in 1842 as a counterpart to "blacklist," with roots in non-racial administrative lists, but has increasingly been replaced by "allowlist" since around 2020 to promote in technical documentation and standards. Despite its effectiveness in high-security environments, whitelisting requires ongoing maintenance to accommodate legitimate changes, balancing protection against operational flexibility.

Fundamentals

Definition and Purpose

A whitelist is a predefined list of approved entities, such as email addresses, IP addresses, domains, or applications, that are explicitly permitted to access resources or bypass restrictions. According to the National Institute of Standards and Technology (NIST), it consists of "A list of discrete entities, such as hosts or applications that are known to be benign and are approved for use within an organization and/or information system."

The primary purpose of a whitelist is to enforce a "default deny" policy, under which only explicitly listed items are allowed while all others are blocked by default. This approach enhances security by minimizing the attack surface and reducing exposure to untrusted or malicious elements, in contrast to permissive policies that allow broad access and rely on reactive blocking. It provides fine-grained control over system interactions, simplifying monitoring and compliance efforts in environments where trust must be explicitly verified.

Entities attempting access are matched against the whitelist through exact comparisons or pattern-based rules, such as regular expressions applied to domains or paths. Common matching attributes include file names, paths, digital signatures, or cryptographic hashes to verify authenticity. Updates to the list typically require administrative oversight and approval to prevent unauthorized additions that could compromise security.

The concept underlying whitelisting evolved from access control lists (ACLs) in early mainframe systems, such as the Multics operating system developed starting in 1965, where ACLs associated permissions directly with resources to control user access.
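The pattern-based matching mentioned above is where allowlist checks most often go wrong. The added example below (not from the original article) compares a loosely written regular-expression rule with an exact-plus-suffix check that denies by default; the host names and function names are constructed for illustration.

```python
import re

# Constructed allowlist for illustration: exact hosts plus one subdomain wildcard.
ALLOWED_EXACT = {"example.com", "mail.example.org"}
ALLOWED_SUFFIXES = (".corp.example.net",)  # leading dot = match on a label boundary

# Weak form: unescaped dot, no anchors, case-sensitive, applied with search().
WEAK_PATTERN = re.compile(r"example.com")

# One DNS label: letters, digits, hyphen; no leading/trailing hyphen; max 63 chars.
LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")


def weak_is_allowed(host):
    """Pattern rule as it is often first written: matches anywhere in the string."""
    return WEAK_PATTERN.search(host) is not None


def normalize(host):
    """Return the canonical lower-case host name, or None if it is not a plain DNS name."""
    host = host.strip().lower()
    if host.endswith("."):  # "example.com." is the same name, fully qualified
        host = host[:-1]
    if not host or len(host) > 253:
        return None
    if not all(LABEL.fullmatch(label) for label in host.split(".")):
        return None
    return host


def strict_is_allowed(host):
    """Default deny: allow only exact entries or names under an allowlisted suffix."""
    name = normalize(host)
    if name is None:
        return False
    if name in ALLOWED_EXACT:
        return True
    return any(name.endswith(suffix) for suffix in ALLOWED_SUFFIXES)


# Constructed inputs that show where the two rules disagree.
SAMPLES = [
    "example.com",
    "EXAMPLE.COM.",
    "example.com.untrusted.test",
    "notexample.com",
    "exampleXcom.test",
    "build.corp.example.net",
    "evilcorp.example.net",
]


def compare(samples=SAMPLES):
    """Return {host: (weak_verdict, strict_verdict)} for each sample."""
    return {h: (weak_is_allowed(h), strict_is_allowed(h)) for h in samples}


if __name__ == "__main__":
    for host, (weak, strict) in compare().items():
        print(f"{host:30} weak={weak!s:5} strict={strict}")
```

The weak rule both over-matches (any string containing the pattern) and under-matches (the legitimate upper-case, fully qualified form), which is why exact comparison after normalization is the safer default for allowlist entries.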

Comparison to Blacklisting

Whitelisting operates as a positive security model, permitting only explicitly approved items or behaviors while denying all others by default, whereas blacklisting employs a negative security model that allows everything except known threats. This fundamental distinction makes whitelisting stricter and more comprehensive in controlling access, particularly in high-risk environments where unauthorized elements pose significant threats.

A key advantage of whitelisting over blacklisting is its effectiveness against dynamic and unknown threats, such as zero-day attacks, by limiting the attack surface through a default-deny posture that blocks unapproved entities regardless of their novelty. In contrast, blacklisting relies on identifying and updating lists of known bad actors, which can fail against novel or customized exploits. However, whitelisting demands substantial ongoing maintenance to incorporate legitimate new items, such as software updates or emerging trusted sources, potentially leading to disruptions if not managed diligently; it can also prove overly restrictive in dynamic systems where frequent changes occur. Blacklisting, while easier to implement initially, risks higher false negatives by permitting unknown risks to pass through.

Whitelisting is best suited for controlled, high-security settings like corporate networks, where the benefits of stringent protection outweigh maintenance costs, whereas blacklisting fits broader, less curated scenarios such as consumer , allowing greater flexibility at the expense of comprehensive coverage. Hybrid approaches often integrate both models for layered defense, using whitelisting as the primary gatekeeper to enforce strict defaults while supplementing with blacklisting to address identified threats efficiently.

Email Whitelisting

Non-Commercial Implementations

Non-commercial implementations of whitelisting emphasize open-source tools and community-driven practices, providing accessible options for individuals and small organizations to filter spam by explicitly approving trusted senders. A prominent example is SpamAssassin, an open-source spam detection system that integrates whitelisting via configuration directives in its local.cf file, allowing patterns such as specific email addresses (e.g., [email protected]), domains (e.g., *@isp.com), or wildcards (e.g., *.domain.net) to bypass filtering. The project further supports community-maintained whitelists through plugins and shared rule sets that users can incorporate to enhance trusted sender recognition.

User-managed whitelists in personal email clients offer simple, manual techniques for approving senders. In , users configure junk settings to exempt messages from whitelisted address books or create filters that move approved emails to the inbox, effectively bypassing the junk folder. Similarly, enables whitelisting by adding sender email addresses or domains to the Safe Senders list in its Junk Email options, ensuring those messages are not marked as junk.

Community resources augment these tools with free, volunteer-curated databases for spam avoidance. DNSWL.org operates as a DNS-based whitelist, listing reputable IP addresses of mail servers to reduce false positives; it is queried in standard DNSBL format (e.g., reversed IP in list.dnswl.org) and integrated into filters like SpamAssassin for automated checks. Other open DNS-based lists, maintained by collaborative efforts, allow server administrators to reference shared whitelists during email processing.

Configuring server-side whitelists in open-source MTAs like Postfix involves editing access maps for sender restrictions. In the main.cf file, set smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access; then, in the /etc/postfix/access file, define patterns such as user@domain OK for specific addresses, domain.tld OK for domains (matching subdomains if enabled), or @domain.tld OK for all users in a domain, followed by running postmap /etc/postfix/access to compile the database and reloading Postfix.

These approaches, while cost-free and customizable, rely heavily on user expertise for setup and ongoing management, potentially leading to inconsistencies, and feature slower update cycles dependent on community contributions rather than dedicated commercial support.

Commercial Services

Commercial email whitelisting services provide scalable, vendor-supported solutions designed for businesses handling high volumes of email traffic, offering advanced features beyond basic configurations. Major providers include Microsoft Defender for Office 365, which utilizes tenant allow/block lists to permit emails from trusted senders, domains, or IP addresses, ensuring seamless integration within Microsoft 365 ecosystems. Proofpoint Essentials employs domain-based allowlisting through its Safe Sender lists, enabling organizations to bypass spam and malware checks for verified sources while maintaining robust threat detection. Mimecast offers targeted whitelisting via Permitted Senders policies, allowing administrators to approve specific senders for bypassing security scans, particularly useful for verified business partners. These services emphasize and integration to enhance efficiency for enterprise environments. Automated updates ensure whitelists remain current without manual intervention, while integrations—such as Proofpoint's sender list , Mimecast's permit-or-block-sender endpoint, and Microsoft’s Exchange Online for tenant lists—facilitate dynamic management of allowlists from external systems. features provide insights into whitelist efficacy, including reports on allowed versus blocked emails and false positive rates, helping administrators refine policies; for instance, Proofpoint's dashboards track sender compliance and evasion attempts. In enterprise use cases, these solutions integrate with (SIEM) systems to support compliance requirements like GDPR, where whitelisting ensures controlled flows for data protection audits. Cost models typically range from $2 to $5 per user per month as of 2025, depending on the plan and provider; Defender Plan 1 starts at $2 per user/month, Proofpoint Essentials Business edition at approximately $3 per user/month, and Mimecast's basic security is quote-based but typically around $3–$4 per user per month. 
The evolution of commercial email whitelisting accelerated post-2010 with the rise of cloud-based email platforms like Microsoft Office 365, launched in 2011, driving demand for integrated security services to manage increased volumes and sophisticated threats. By the mid-2010s, providers incorporated AI-assisted management to automate whitelist curation and detect anomalies in sender patterns, reducing administrative overhead amid growing attempts. In the sector, adoption has been prominent for securing vendor communications; for example, a major U.S. implemented Proofpoint Email Protection, blocking over 6.6 million unwanted messages in 30 days and achieving 100% rejection of fraudulent emails, supporting and operational continuity.

Content and Advertising Whitelisting

Advertising Whitelists

In digital advertising, whitelists refer to curated lists of approved ad networks, domains, creative formats, or publishers that are permitted to serve advertisements, often bypassing restrictions imposed by ad blockers or platform policies. These lists enable selective ad delivery to maintain while allowing certain non-intrusive ads to appear. For instance, ad blockers like use whitelists to permit ads that meet specific criteria, ensuring they do not disrupt content viewing. A primary mechanism for whitelists is the Acceptable Ads initiative by eyeo , the company behind , which integrates crowdsourced input from users and third-party contributors alongside oversight by the independent Acceptable Ads . Ads are evaluated against standards for unobtrusiveness, such as size limits (e.g., no more than pixels high above primary content) and clear labeling as advertisements, with proposals for inclusion publicly reviewed before whitelisting. This audits for compliance, excluding intrusive formats like pop-ups or autoplay videos, and allows approximately 90% of participants to join without fees. Industry standards further support whitelist creation, including the Interactive Advertising Bureau's (IAB) LEAN principles (Light, Encrypted, AdChoices-supported, Non-invasive), which guide publishers in developing lightweight ads to reduce blocking incentives, and Google's framework, which verifies authorized sellers on publisher domains to build trust in ad supply chains. Whitelisting benefits publishers by recovering lost revenue from ad-blocking users—estimated at $54 billion as of 2024 industry-wide—while preserving user through non-tracking, relevant ads that enhance site . 
However, controversies arise from potential , as large advertisers may disproportionately influence whitelists via payments to ad blocker operators (e.g., eyeo's undisclosed fees for some inclusions), raising concerns about fairness and enabling problematic content exposure, with studies showing privacy-focused users encountering 13.6% more problematic ads via "acceptable" exceptions. Implementation often occurs publisher-side through ad servers like (formerly ), where whitelists restrict ad placements to approved domains or networks, minimizing and ensuring compliance. For example, integrating with ad servers verifies seller authorization, boosting fill rates and reducing unauthorized impressions.

Web Content Whitelists

Web content whitelists enable users to bypass default restrictions in browsers and security software, granting access only to pre-approved URLs deemed safe for browsing. In web browsers such as , administrators can configure URL allowlists through enterprise policies to permit specific sites while blocking others, ensuring controlled access in educational or organizational environments. Similarly, security software like allows users to add website exclusions via browser protection settings, effectively whitelisting trusted URLs to avoid false positives in threat detection. Parental control applications, such as Qustodio, provide customizable web filtering rules where parents can create personal allowlists of websites, overriding category-based blocks to suit family needs. In enterprise settings, proxy servers like Blue Coat ProxySG (now part of ) support whitelisting approved web domains through content policy language, allowing granular control over HTTP/ traffic to vetted sites. These tools often integrate cloud-based synchronization to propagate whitelist updates across devices in real time, maintaining consistency without manual intervention on each endpoint. Inclusion on web content whitelists typically relies on safety evaluations from services like , which flags and excludes sites associated with distribution, attempts, or social engineering scams. Sites must demonstrate absence of harmful content, such as deceptive redirects or exploit kits, to qualify as safe and eligible for whitelisting in integrated browser protections. Implementing whitelists presents challenges in balancing user with robust , particularly when handling dynamic content on websites that frequently update or generate pages algorithmically, complicating static assessments. Maintaining accurate whitelists requires ongoing database updates to account for evolving web threats and site changes, often mitigated through cloud-synced policies but risking over-restriction if not carefully managed.

Network and Security Whitelisting

IP Address Whitelisting

IP address whitelisting involves configuring network firewalls to permit traffic solely from predefined IP addresses or ranges, thereby restricting access to authorized sources. In Linux systems, this is commonly achieved using iptables, where rules are added to the INPUT chain to accept packets from specified sources before a default DROP policy blocks others. For instance, a rule might allow incoming traffic on port 22 for SSH from a single IP with the command iptables -A INPUT -s 192.168.1.100 -p tcp --dport 22 -j ACCEPT, followed by ensuring the chain policy drops unmatched traffic. To handle ranges efficiently, Classless Inter-Domain Routing (CIDR) notation is employed, such as 192.168.1.0/24 to whitelist an entire subnet, reducing rule complexity and improving performance. This approach ensures only trusted traffic traverses the firewall, with rules evaluated in order until a match occurs.

Common applications of IP whitelisting include securing remote access protocols like SSH, where firewall rules limit connections to trusted administrator IPs, preventing brute-force attacks from external sources. In cloud environments, AWS Security Groups function as virtual firewalls, allowing inbound rules to whitelist specific CIDR blocks for services such as EC2 instances, ensuring endpoints and databases are accessible only from approved networks. Similarly, VPN gateways often incorporate IP whitelisting to validate client connections, restricting tunnel access to predefined IP ranges and enhancing secure remote workforce connectivity.

Various tools facilitate IP whitelisting implementation. Commercial solutions like use access control lists (ACLs) to define permitted IPs, where commands such as access-list whitelist extended permit ip host 192.168.1.100 any add entries to allow traffic from specific addresses before applying the list to interfaces. Open-source platforms like enable whitelisting through its web-based GUI, where firewall rules specify source IPs or aliases containing CIDR ranges (e.g., 192.168.1.0/24) and set the action to "Pass" for targeted interfaces. For dynamic scenarios, such as temporary vendor access with changing IPs, scripts can automate updates; for example, Bash scripts resolve hostnames to IPs via DNS and insert rules, often integrated with cron jobs for periodic refreshes.

From a security perspective, IP whitelisting effectively prevents unauthorized remote access by blocking traffic from unlisted sources, significantly reducing the attack surface against threats like distributed denial-of-service (DDoS) and unauthorized intrusions. However, it carries risks such as IP spoofing, where attackers forge source addresses to bypass restrictions, potentially leading to data breaches if not addressed. Mitigations include layering defenses like multi-factor authentication (MFA) and intrusion detection systems (IDS), which validate traffic beyond IP origins.

Best practices for IP whitelisting emphasize regular audits to review and prune outdated entries, ensuring the list remains minimal and relevant to avoid over-permissive access. Integration with geolocation enhances this by dynamically restricting whitelists to specific regions, combining IP ranges with databases like GeoIP for automated regional filtering. Organizations should also employ least-privilege principles, documenting changes and testing rules to maintain efficacy without disrupting legitimate traffic.
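The following added example, which is not from the original article, parses an allowlist of addresses and CIDR ranges, audits it for the over-permissive and redundant entries that regular reviews are meant to catch, and renders the corresponding iptables rules without applying them. The file contents, prefix thresholds and function names are assumptions made for the example.

```python
import ipaddress

# Constructed allowlist file; the first two entries reuse the addresses from the text.
ALLOWLIST_TEXT = """
192.168.1.100        # admin workstation (single host)
192.168.1.0/24       # office subnet
10.20.0.0/16         # VPN pool (constructed)
0.0.0.0/0            # leftover "temporary" entry
203.0.113.7/24       # host bits set: meant .0/24 or a single host?
vendor-gateway       # hostname, not an address
"""


def parse_allowlist(text):
    """Return (networks, problems); entries that do not parse strictly are rejected."""
    networks, problems = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            networks.append(ipaddress.ip_network(entry, strict=True))
        except ValueError as exc:
            problems.append((lineno, entry, str(exc)))
    return networks, problems


def audit(networks, min_prefix_v4=16, min_prefix_v6=48):
    """Drop over-broad entries and report entries already covered by another one."""
    kept, findings = [], []
    for net in networks:
        limit = min_prefix_v4 if net.version == 4 else min_prefix_v6
        if net.prefixlen < limit:
            findings.append(("too-broad", str(net)))
        else:
            kept.append(net)
    for net in kept:
        for other in kept:
            if net != other and net.version == other.version and net.subnet_of(other):
                findings.append(("redundant", f"{net} covered by {other}"))
                break
    return kept, findings


def is_allowed(source, networks):
    """Default deny: True only when the source address is inside a listed network."""
    addr = ipaddress.ip_address(source)
    return any(addr in net for net in networks)


def render_iptables(networks, port=22):
    """Render (not apply) IPv4 ACCEPT rules, then the default DROP policy."""
    rules = [
        f"iptables -A INPUT -s {net} -p tcp --dport {port} -j ACCEPT"
        for net in networks
        if net.version == 4
    ]
    rules.append("iptables -P INPUT DROP")  # set last, after the ACCEPT rules exist
    return rules


if __name__ == "__main__":
    nets, problems = parse_allowlist(ALLOWLIST_TEXT)
    kept, findings = audit(nets)
    for problem in problems:
        print("rejected:", problem)
    for finding in findings:
        print("finding:", finding)
    print("\n".join(render_iptables(kept)))
```

A production ruleset would also need rules for loopback and established connections before the DROP policy takes effect; they are left out here to keep the focus on the allowlist itself.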

Application Whitelisting

Application whitelisting involves establishing policies within operating systems or tools that permit only explicitly approved software applications to execute on a device, thereby blocking all unlisted executables by default. This approach enforces a "default-deny" principle, where unauthorized code cannot run unless added to the whitelist, significantly reducing the risk of malware execution compared to traditional signature-based detection methods. In Windows environments, tools like AppLocker implement these policies to control application execution based on predefined rules, while macOS employs Gatekeeper to verify and restrict unsigned or unnotarized apps.

Implementation of application whitelisting typically relies on matching mechanisms such as cryptographic hashes, file paths, or publisher signatures to identify approved binaries. Hash-based rules use algorithms like SHA-256 to generate unique fingerprints for files, ensuring precise identification but requiring updates whenever software is patched or modified. Path-based matching allows execution from designated directories, offering simplicity for static environments but is vulnerable to path manipulation if not combined with strict access controls. AppLocker's publisher rules, for instance, leverage digital signatures from trusted vendors to automatically whitelist signed applications, accommodating updates without manual hash recreation.

In enterprise settings, application whitelisting serves as a cornerstone of endpoint protection, deployed through management platforms like to enforce policies across distributed devices and prevent infiltration. By maintaining a comprehensive inventory of approved software, organizations can achieve default-deny execution, limiting the attack surface and supporting compliance with security standards such as those outlined by NIST.

Advanced implementations integrate behavioral analysis to dynamically adjust whitelisting at runtime, monitoring processes for anomalous actions even among approved applications. For example, CrowdStrike's platform combines with whitelisting to detect and block malicious behaviors in trusted executables, enhancing protection against fileless attacks.

Despite its benefits, application whitelisting can impede legitimate software updates by blocking modified files until the whitelist is refreshed, potentially disrupting operations if not managed proactively. Large-scale deployments also demand centralized management tools to handle policy distribution and maintenance, as manual updates across numerous endpoints become impractical and error-prone.
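The trade-off between hash rules and path rules described above can be seen in a small model. This is an added example, not code from the original article or from AppLocker; the Policy class, file names and directory layout are hypothetical, and publisher (signature) rules are out of scope.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_file(path, chunk=65536):
    """SHA-256 of a file's contents, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


class Policy:
    """Hypothetical allowlist policy with hash rules and path rules; default deny."""

    def __init__(self, allowed_hashes=(), allowed_dirs=()):
        self.allowed_hashes = set(allowed_hashes)
        self.allowed_dirs = [Path(d).resolve() for d in allowed_dirs]

    def decide(self, path):
        """Return (verdict, reason) for one file."""
        real = Path(path).resolve()  # follow symlinks and ".." before comparing paths
        if not real.is_file():
            return ("deny", "not a regular file")
        if sha256_file(real) in self.allowed_hashes:
            return ("allow", "hash rule")
        if any(d in real.parents for d in self.allowed_dirs):
            return ("allow", "path rule")
        return ("deny", "no matching rule")

    def writable_dirs(self):
        """Path-rule directories the current user can write to (audit finding)."""
        return [d for d in self.allowed_dirs if os.access(d, os.W_OK)]


def demo():
    """Build a constructed file tree in a temp directory and return the verdicts."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp).resolve()
        approved_dir, downloads = root / "approved", root / "downloads"
        approved_dir.mkdir()
        downloads.mkdir()

        # Hash rule: exact match on version 1, then the same tool after a patch.
        tool = downloads / "tool.bin"
        tool.write_bytes(b"tool v1.0")
        hash_policy = Policy(allowed_hashes={sha256_file(tool)})
        results["v1"] = hash_policy.decide(tool)
        tool.write_bytes(b"tool v1.1 (patched)")
        results["patched"] = hash_policy.decide(tool)

        # Path rule: anything placed in the approved directory is allowed.
        path_policy = Policy(allowed_dirs=[approved_dir])
        dropped = approved_dir / "anything.bin"
        dropped.write_bytes(b"unreviewed content")
        results["in_dir"] = path_policy.decide(dropped)

        # A symlink inside the approved directory resolves to its real location.
        link = approved_dir / "link.bin"
        link.symlink_to(tool)
        results["symlink"] = path_policy.decide(link)

        # Audit: the approved directory is writable by the user running this demo.
        results["writable"] = path_policy.writable_dirs() == [approved_dir]
    return results


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:10} {verdict}")
```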

Local Area Network (LAN) Whitelisting

Local Area Network (LAN) whitelisting involves creating lists of approved Media Access Control (MAC) addresses or device identifiers to restrict network access at the hardware level, typically enforced by switches and routers to ensure only authorized devices connect to internal network resources. This method serves as a foundational mechanism in local environments, where network devices like switches utilize features to limit connections to predefined MAC addresses on specific ports, preventing unauthorized attachments. For instance, 's configuration allows administrators to statically define or dynamically learn up to a specified number of MAC addresses per port, dynamically updating the running configuration for persistent enforcement.

Setup of LAN whitelisting often includes configuring DHCP reservations, which bind specific IP addresses to approved MAC addresses, effectively limiting IP assignment to whitelisted devices and blocking others from obtaining network connectivity. Additionally, 802.1X protocols can integrate whitelisting through MAC Authentication Bypass (MAB), where devices failing certificate-based authentication are checked against a server-maintained whitelist of MAC addresses before granting access. Tools such as Ubiquiti's UniFi platform facilitate this for wireless LANs by enabling filtering in the settings, allowing administrators to create an allow list that restricts connections to only specified devices on a per-SSID basis.

The primary benefits of LAN whitelisting include preventing rogue devices from joining corporate or home networks, thereby reducing the risk of internal threats such as unauthorized data access or lateral movement by . However, MAC addresses can be easily spoofed by attackers, allowing unauthorized devices to impersonate approved ones and bypass restrictions; mitigations include combining with stronger protocols like full 802.1X or Network Access Control (NAC) systems for posture assessment. LAN whitelisting integrates seamlessly with NAC systems, which enforce policies by combining MAC-based validation with broader posture assessments to dynamically authorize or devices upon connection. In practice, this approach enhances overall , as seen in configurations where only whitelisted MAC addresses are permitted to access sensitive subnets, isolating critical resources like servers from general user traffic.

Maintenance of LAN whitelists requires handling device changes through dynamic updates via servers, which centralize databases and support real-time additions or revocations without manual switch reconfiguration. This is particularly vital in IoT-heavy environments, with approximately 21 billion connected IoT devices worldwide as of 2025, necessitating scalable whitelisting to manage diverse endpoints like smart sensors and appliances securely. For external extensions, IP whitelisting can complement LAN controls by applying similar rules at firewalls for inbound traffic from trusted sources.
