{"id":19089,"date":"2023-11-03T20:30:11","date_gmt":"2023-11-03T20:30:11","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/?p=19089"},"modified":"2024-07-29T14:02:57","modified_gmt":"2024-07-29T14:02:57","slug":"whitelisting-vs-blacklisting-which-is-better","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/","title":{"rendered":"Whitelisting vs Blacklisting: How Are They Different?"},"content":{"rendered":"\n<p>Whitelisting, blacklisting, and greylisting control IT access through their respective principles of explicit trust, distrust, and quarantining.<\/p>\n\n\n\n<p>Also known as allowlisting, denylisting, and tracklisting, respectively, these cybersecurity principles apply broadly throughout information technology (IT) and can help manage a wide range of threats across assets and sources.<\/p>\n\n\n\n<p>We will explore the pros, cons, and use cases for each technique, in brief in the chart below and then in greater depth.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th class=\"has-text-align-center\" data-align=\"center\">Technique<\/th><th class=\"has-text-align-center\" data-align=\"center\">Security type<\/th><th class=\"has-text-align-center\" data-align=\"center\">Default Setting<\/th><th>When to Use<\/th><th>Main Drawback<\/th><\/tr><\/thead><tbody><tr><td class=\"has-text-align-center\" data-align=\"center\"><strong>Whitelist<\/strong><br><strong>(aka: Allowlist)<\/strong><\/td><td class=\"has-text-align-center\" data-align=\"center\">Trust-centric<\/td><td class=\"has-text-align-center\" data-align=\"center\">Always Deny<\/td><td>Strictly limit access to known good sources<\/td><td>Difficult to maintain<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\"><strong>Blacklist<\/strong><br><strong>(aka: Denylist)<\/strong><\/td><td class=\"has-text-align-center\" data-align=\"center\">Threat-centric<\/td><td class=\"has-text-align-center\" data-align=\"center\">Always Allow<\/td><td>Block known malicious sources<\/td><td>Never-ending process<\/td><\/tr><tr><td class=\"has-text-align-center\" data-align=\"center\"><strong>Greylist<\/strong><br><strong>(aka: Tracklist)<\/strong><\/td><td class=\"has-text-align-center\" data-align=\"center\">Threat-centric<\/td><td class=\"has-text-align-center\" data-align=\"center\">Quarantine, then investigate<\/td><td>Quarantine potentially malicious sources<\/td><td>Can block legitimate sources<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<div style=\"padding: 30px 50px 10px 50px; border-radius: 10px; box-shadow: 0 0 25px #e5e5e5;\"><style=\"font-size: 0.5em; font-weight: 300; color: gray;\">SPONSORED\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_68_1 ez-toc-wrap-left counter-flat ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-66d6d9a33d170\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"ez-toc-cssicon\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ffffff;color:#ffffff\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ffffff;color:#ffffff\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-66d6d9a33d170\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#Take-control-of-what-can-run-on-your-endpoint-with-ThreatLocker%C2%AE-Allowlisting\" title=\"Take control of what can run on your endpoint with ThreatLocker\u00ae Allowlisting\">Take control of what can run on your endpoint with ThreatLocker\u00ae Allowlisting<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#What-is-Whitelisting\" title=\"What is Whitelisting?\">What is Whitelisting?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#What-is-Blacklisting\" title=\"What is Blacklisting?\">What is Blacklisting?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#What-is-Greylisting\" title=\"What is Greylisting\">What is Greylisting<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#Whitelisting-vs-Blacklisting-vs-Greylisting-Use-Them-All\" title=\"Whitelisting vs. Blacklisting vs Greylisting? Use Them All\">Whitelisting vs. Blacklisting vs Greylisting? Use Them All<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#Alternative-Terms\" title=\"Alternative Terms\">Alternative Terms<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#Bottom-Line-All-Listing-Techniques-Strengthen-a-Security-Stack\" title=\"Bottom Line: All Listing Techniques Strengthen a Security Stack\">Bottom Line: All Listing Techniques Strengthen a Security Stack<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Take-control-of-what-can-run-on-your-endpoint-with-ThreatLocker%C2%AE-Allowlisting\"><\/span>Take control of what can run on your endpoint with ThreatLocker\u00ae Allowlisting<span class=\"ez-toc-section-end\"><\/span><\/h2><p>ThreatLocker\u00ae Allowlisting implements least privilege technologies to:\n<li>Block all unknown and untrusted software from running in your environment, preventing ransomware, zero-days, and shadow IT. \n<li>Prevent the weaponization of trusted software with Ringfencing\u2122 technology.\n<li>Significantly reduce false positives and false negatives.\n<li>Log and monitor every event 24\/7\/365, from simple executions of allowed software to all denied attempted cyberattacks.\n<li>Sign up for a free trial and demo\n<\/li>\n<br><center><a style=\"background-color: #5E3CD7; color: white; text-decoration: none; border-radius: 20px; padding: 10px;\" href=\"https:\/\/www.threatlocker.com\/platform\/allowlisting?utm_source=technology_advice&#038;utm_medium=sponsor&#038;utm_campaign=whitelisting-v-blacklisting_q3&#038;utm_content=whitelisting-v-blacklisting&#038;utm_term=article\" target=\"_blank\" rel=\"sponsored nofollow noopener\"><strong>Visit ThreatLocker<\/strong><\/a><\/center><\/p><\/div>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What-is-Whitelisting\"><\/span>What is Whitelisting?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Whitelisting, or allowlisting, uses the fundamental principles of \u201c<a href=\"https:\/\/www.esecurityplanet.com\/products\/zero-trust-security-solutions\/\">zero trust<\/a>\u201d to deny access by default and only allows explicitly permitted sources to access an asset. Whitelisting can be applied to any asset (<a href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security\/\">network<\/a>, <a href=\"https:\/\/www.esecurityplanet.com\/endpoint\/antivirus-vs-epp-vs-edr\/\">endpoint<\/a>, <a href=\"https:\/\/www.esecurityplanet.com\/applications\/application-security-definition\/\">application<\/a>, etc.) to permit specific access to any type of source (users, devices, applications, IP addresses, etc.).<\/p>\n\n\n\n<p>The U.S. National Institute of Standards and Technology (NIST) has published a <a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/167\/final\" target=\"_blank\" rel=\"noreferrer noopener\">Guide to Application Whitelisting<\/a> that recommends using two of the following attributes together to define an application for whitelisting:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>File Path<\/strong> allows all applications to execute within a specific file path or directory, which is a broad attribute that can&#8217;t prevent malicious software from executing within the correct path.<\/li>\n\n\n\n<li><strong>File Name<\/strong> allows a particular naming convention to execute but does not check for renamed malicious files or malware-infected files.<\/li>\n\n\n\n<li><strong>File Size<\/strong> checks for the file size only, and can easily allow malware of the appropriate file size to execute.<\/li>\n\n\n\n<li><strong>Digital Signature<\/strong> can be a unique value for an application, but may become obsolete as <a href=\"https:\/\/www.esecurityplanet.com\/networks\/patch-management\/\">patches<\/a> and updates are applied.<\/li>\n\n\n\n<li><strong>Cryptographic Hash<\/strong> enables the most unique and least spoofable value for whitelisting, but will be invalidated by any patching and updates applied to the software.<\/li>\n<\/ul>\n\n\n\n<p>These guidelines apply specifically to applications, but the methods help to illustrate considerations that apply to whitelisting in general: How to define the allowed source sufficiently to be recognized uniquely, but not so narrowly that slight changes deny access.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Advantages of Whitelisting<\/h3>\n\n\n\n<p>Whitelisting very effectively blocks untrusted sources and provides superior protection against <a href=\"https:\/\/www.esecurityplanet.com\/threats\/malware-types\/\">malware<\/a> and attacks. Whitelisting restricts access strictly to already known and trusted sources such as existing and approved apps, users, websites, and IP addresses.<\/p>\n\n\n\n<p>Comparing against a whitelist will be computationally efficient compared to the full analysis of a source. Using whitelists also reduces the possibility of a false positive analysis that incorrectly declares a malicious source to be safe.<\/p>\n\n\n\n<p>A hidden benefit (and challenge) is that whitelisting forces the enforcement of basic asset and user tracking. Assets and users that are not included in the whitelist will be rejected, which will automatically deny rogue devices, unauthorized software, and unauthorized users.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Whitelisting Advantages<\/th><th>Whitelisting Disadvantages<\/th><\/tr><\/thead><tbody><tr><td><strong><code>\u2022<\/code><\/strong> Blocks untrusted sources<br><strong><code>\u2022<\/code><\/strong> Computationally efficient<br><code><strong><code>\u2022<\/code><\/strong><\/code> Reduces false positives in threat detection<br><strong><code>\u2022<\/code><\/strong> Enforces basic asset and user tracking strictly<\/td><td><strong><code>\u2022<\/code><\/strong> Labor intensive<br><strong><code>\u2022<\/code><\/strong> Time consuming<br><strong><code>\u2022<\/code><\/strong> Can slow productivity<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Disadvantages of Whitelisting<\/h3>\n\n\n\n<p>Whitelisting can be labor-intensive and time-consuming to maintain. Every new user, device, application, or IP address will be initially denied until the team maintaining the whitelists can add the information to every relevant whitelist.<\/p>\n\n\n\n<p>Delays in adding resources to whitelists will slow productivity and make the security team a potential bottleneck unless the whitelisting can be linked to resources such as <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-iam-software\/\">identity and access management<\/a> (IAM), <a href=\"https:\/\/www.esecurityplanet.com\/products\/privileged-access-management-pam-software\/\">privileged access management<\/a> (PAM), <a href=\"https:\/\/www.esecurityplanet.com\/products\/network-access-control-solutions\/\">Network Access Control<\/a> (NAC), <a href=\"https:\/\/www.esecurityplanet.com\/networks\/a-powershell-script-to-mitigate-active-directory-security-risks\/\">Active Directory<\/a> groups, etc. To counteract such delays, organizations need to be proactive with onboarding and adding resources so that the teams adding resources to whitelists will be notified in a timely manner or self-service options can be made available.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Whitelisting Use Cases<\/h3>\n\n\n\n<p>Whitelisting should be used whenever the <strong>access can be well-defined<\/strong>, such as for internal resources. Examples of effective whitelisting use cases include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Email address <\/strong>whitelisting to ensure proper email delivery from trusted senders in an <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-email-security-software\/\">email security<\/a> program<\/li>\n\n\n\n<li><strong>IP address<\/strong> whitelisting on a <a href=\"https:\/\/www.esecurityplanet.com\/products\/top-ngfw\/\">firewall<\/a> for branch offices<\/li>\n\n\n\n<li><strong>Web address<\/strong> whitelisting on a server to reduce the potential outside connections for a vulnerable asset<\/li>\n\n\n\n<li><strong>Device MAC Address<\/strong> whitelisting to allow access to corporate devices on a network<\/li>\n\n\n\n<li><strong>Application <\/strong>whitelisting for corporate applications to access an internal database<\/li>\n\n\n\n<li><strong>User <\/strong>whitelisting for an internal corporate application<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What-is-Blacklisting\"><\/span>What is Blacklisting?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Blacklisting, or denylisting, is a security measure that blocks known malicious users, IP addresses, web sites, machines, or programs from accessing an organization\u2019s resources. Many security solutions will build in a blacklist as part of an anti-malware or an attack-blocking security feature and an organization can manually add to some lists. Blacklisting does not satisfy the principles of <a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/\">zero trust<\/a> because the default condition for access will be to generally allow access unless blacklisted.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Advantages of Blacklisting<\/h3>\n\n\n\n<p>Blacklisting proactively blocks malicious sources and can be accomplished without great technical effort. Similarly to whitelisting, blacklisting effectively blocks untrustworthy sources and reduces the danger of false negatives in which a legitimate source is incorrectly declared to be malicious.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Blacklisting Advantages<\/th><th>Blacklisting Disadvantages<\/th><\/tr><\/thead><tbody><tr><td><strong><code>\u2022<\/code><\/strong> Blocks untrusted sources<br><strong><code>\u2022<\/code><\/strong> Reduces false negatives in threat detection<\/td><td><strong><code>\u2022<\/code><\/strong> Labor intensive<br><strong><code>\u2022<\/code><\/strong> Time delayed<br><strong><code>\u2022<\/code><\/strong> More risky than whitelisting<br><strong><code>\u2022<\/code><\/strong> Useless against unknown threats<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Disadvantages of Blacklisting<\/h3>\n\n\n\n<p>For manual blacklists, the process is simple, but labor intensive. As with an infinitely large game of whack-a-mole, malicious actors can easily change IP addresses, URLs, machines, and users to constantly add to the list of items to add to a blacklist. For example, <a href=\"https:\/\/www.av-test.org\/en\/statistics\/malware\/\" target=\"_blank\" rel=\"noreferrer noopener\">every day over 450,000 new<\/a> potentially malicious or unwanted applications are registered by the AV-TEST Institute.<\/p>\n\n\n\n<p>Many commercial tools (<a href=\"https:\/\/www.esecurityplanet.com\/products\/top-ngfw\/\">next generation firewalls<\/a>, <a href=\"https:\/\/www.esecurityplanet.com\/products\/secure-web-gateway-vendors\/\">secure web gateways<\/a>, <a href=\"https:\/\/www.esecurityplanet.com\/products\/antivirus-software\/\">antivirus<\/a>, <a href=\"https:\/\/www.esecurityplanet.com\/products\/edr-solutions\/\">endpoint detection and response<\/a>, etc.) will automatically update blacklists. However, there will naturally be a delay between the launch of a malicious campaign (malware, malicious IP, malicious spam url, etc.), the detection of the malicious component, and its addition to a blacklist.<\/p>\n\n\n\n<p>However, once a device, URL, or IP address is blocked, it will become difficult to remove it. A potential customer placed on the blacklist because of a previous (and since removed) botnet infection will find it difficult to use the blacklisted domain or device to contact the organization to be removed from the blacklist.<\/p>\n\n\n\n<p>Lastly, unknown threats cannot be stopped by a blacklist. Blacklists require a threat to be identified distinctly in order to be added.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Blacklisting Use Cases<\/h3>\n\n\n\n<p>Blacklisting will often be the solution of choice when the potential access sources cannot be easily defined, such as for public resources. Examples of effective blacklisting use cases include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Email address<\/strong> blacklisting of known spam or malware-sending email addresses in an email security program<\/li>\n\n\n\n<li><strong>IP address<\/strong> blacklisting of the source of malicious attacks in a firewall<\/li>\n\n\n\n<li><strong>Web address<\/strong> blacklisting of pornography websites on a DNS server<\/li>\n\n\n\n<li><strong>Device MAC Address<\/strong> blacklisting of known-malicious devices such as known botnets<\/li>\n\n\n\n<li><strong>Application<\/strong> blacklisting such as malware signatures in an antivirus program<\/li>\n\n\n\n<li><strong>User<\/strong> blacklisting of user that violated community rules in a discussion forum<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What-is-Greylisting\"><\/span>What is Greylisting<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Greylisting, or tracklisting, is equivalent to a less-stringent blacklist. Greylisted items are temporarily blocked until they can be further analyzed and confirmed to be either safe or dangerous. Tools can automatically quarantine users, email addresses, IP addresses, and other items until it is determined if they should be moved to a whitelist or a blacklist.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Advantages of Greylisting<\/h3>\n\n\n\n<p>Greylists provide temporary protection against potential threats until they can be analyzed. Commercial tools that use greylisting will typically recognize new sources or unusual activity on existing sources and perform automatic actions to add the source to a greylist pending further investigation.<\/p>\n\n\n\n<p>Similar to blacklisting and whitelisting, greylisting can block untrusted sources and reduce false negatives in threat detection that might otherwise allow malicious sources incorrect levels of access. Greylisting can be used more aggressively than blacklisting since formal processes for review can be established and executed to evaluate greylist sources regularly.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Greylisting Advantages<\/th><th>Greylisting Disadvantages<\/th><\/tr><\/thead><tbody><tr><td><strong><code>\u2022<\/code><\/strong> Blocks untrusted sources<br><strong><code>\u2022<\/code><\/strong> Reduces false negatives in threat detection<\/td><td><strong><code>\u2022<\/code><\/strong> Labor intensive<br><strong><code>\u2022<\/code><\/strong> Time delays<br><strong><code>\u2022<\/code><\/strong> Can slow productivity<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Disadvantages of Greylisting<\/h3>\n\n\n\n<p>Although tools can automatically add sources to a greylist, IT staff must often manually review quarantine lists for categorization. This can be labor-intensive and introduce time delays for legitimate sources.<\/p>\n\n\n\n<p>As with blacklisting, a near-infinite number of new sources can attempt to access company resources and be added to a greylist, including many legitimate sources that may simply be new. Greylists can more effectively stop unknown threats than a blacklist, but will introduce more false positives (adding legitimate sources to the greylist) because it will generally be applied more aggressively than a blacklist.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Greylisting Use Cases<\/h3>\n\n\n\n<p>Greylists, similar to blacklists, will be most effectively applied to public resources when the list of potential access sources cannot be easily defined. Greylists should be used instead of blacklists to quickly quarantine suspicious sources for future review.<\/p>\n\n\n\n<p>Many tool providers use artificial intelligence (AI) or machine learning (ML) algorithms to detect anomalies and new sources to automatically add them to a greylist. Examples of effective greylisting include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Email address<\/strong> greylisting of potential spam resources (most common usage)<\/li>\n\n\n\n<li><strong>IP address<\/strong> greylisting of suspicious packets passing through a firewall<\/li>\n\n\n\n<li><strong>Web address<\/strong> greylisting of URLs with recent creation dates (often an indicator of malware sources) on a secure web gateway<\/li>\n\n\n\n<li><strong>Device MAC Address<\/strong> greylisting of devices for an internal network that don\u2019t meet <a href=\"https:\/\/www.esecurityplanet.com\/compliance\/patch-management-policy\/\">patch update requirements<\/a> and pushing those devices into a <a href=\"https:\/\/www.esecurityplanet.com\/networks\/dmz-network\/\">DMZ network<\/a> pending remediation<\/li>\n\n\n\n<li><strong>Application<\/strong> greylisting for unknown applications on a company computer that just connected to the network<\/li>\n\n\n\n<li><strong>User<\/strong> greylisting of self-enrolled users pending internal approval for access to an application or network<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Whitelisting-vs-Blacklisting-vs-Greylisting-Use-Them-All\"><\/span>Whitelisting vs. Blacklisting vs Greylisting? Use Them All<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Blacklisting, whitelisting, and greylisting all perform specific functions with specific pros and cons. However, all three protect against malware or malicious access and thus generally reduce vulnerabilities and the risks from outside threats.<\/p>\n\n\n\n<p>However, none of these solutions are foolproof.&nbsp; Malicious devices can use stolen whitelisted user credentials, malicious users can compromise whitelisted devices, and attackers can spoof whitelisted resources to cause damage.<\/p>\n\n\n\n<p>Similarly, some users, IP addresses, or devices added to a blacklist may be temporarily compromised, such as a computer infected with a botnet used to generate <a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-stop-ddos-attacks-tips-for-fighting-ddos-attacks\/\">distributed denial of service<\/a> (DDoS) attacks. Once the botnet infection is removed, the device will return to being a legitimate user unworthy of a blacklist.<\/p>\n\n\n\n<p>Despite potential weaknesses, each technique independently improves security, and becomes even more powerful when used in combination with each other. Examples of lists used in combination include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Blacklist known malware domains on firewalls protecting a network, greylist unknown devices, and whitelist known, trusted users and machines to access a network management console<\/li>\n\n\n\n<li>A secure web gateway may offer a whitelist for known-good devices, a blacklist for known-malicious URLs, and a greylist for suspicious users, devices, and URLs<\/li>\n<\/ul>\n\n\n\n<p>A combined approach reduces the likelihood that a single mistake on any one list will lead to significant damage either to the organization (from malicious attacks) or to operations (from inappropriately denied access).<\/p>\n\n\n\n<p>To determine the optimal mix for an organization, the managing security team must determine:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>How many resources can be deployed to maintaining lists or evaluating quarantined sources?<\/li>\n\n\n\n<li>How strict or flexible should access be to specific resources?<\/li>\n\n\n\n<li>What are acceptable risks?<\/li>\n\n\n\n<li>How will these techniques complement and improve the security stack?<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Alternative-Terms\"><\/span>Alternative Terms<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Although whitelisting, blacklisting and greylisting remain industry standard terms, many users, vendors, and organizations now push to use less-loaded terms. The colors of white, black, and gray link uncomfortably to racial prejudice and will probably be phased out within a few years.<\/p>\n\n\n\n<p>Many vendors, <a href=\"https:\/\/docs.vmware.com\/en\/VMware-Workspace-ONE-UEM\/services\/UEM_Managing_Devices\/GUID-DenylistAndAllowlistDeviceRegistrations.html\" target=\"_blank\" rel=\"noreferrer noopener\">such as VMware<\/a>, have already made the transition, so professionals need to be familiar with all variations so they can locate the appropriate options within their security tools:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Whitelist: allowlist, allow-list, permitted-list, approved-list<\/li>\n\n\n\n<li>Blacklist: denylist, deny-list, blocked-list, disapproved-list<\/li>\n\n\n\n<li>Greylist (or graylist): track list, inspect list, quarantine list<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Bottom-Line-All-Listing-Techniques-Strengthen-a-Security-Stack\"><\/span>Bottom Line: All Listing Techniques Strengthen a Security Stack<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Whitelisting, blacklisting, and greylisting all play important roles in protecting data and assets. However, they each also have limitations so these techniques cannot be relied upon independently. To be truly effective, an organization must incorporate listing strategies into their security stack in a way that reduces their risk without overly taxing their resources.<\/p>\n\n\n\n<p><strong>Read next:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-secure-a-network\/\"><strong>Network Protection: How to Secure a Network<\/strong><\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.esecurityplanet.com\/networks\/vulnerability-scanning-tools\/\"><strong>8 Best Vulnerability Scanner Tools &amp; Software for 2023<\/strong><\/a><\/li>\n<\/ul>\n\n\n\n<p><em>This article was originally written by <a href=\"https:\/\/www.esecurityplanet.com\/author\/jiwuozor\/\">John Iwouzor<\/a> on August 26, 2021. It was updated and rewritten by Chad Kime on November 3, 2023.<\/em><\/p>\n\n\n<div id=\"ta-campaign-widget-66d6d9a33aca0-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6d9a33aca0\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6d9a33aca0\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6d9a33aca0\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6d9a33aca0\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6d9a33aca0\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6d9a33aca0\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Trying to decide whether to whitelist or blacklist IPs or apps for network security? Discover what the differences are and why you should probably do both.<\/p>\n","protected":false},"author":271,"featured_media":32696,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[22],"tags":[6455,839,9651],"b2b_audience":[33],"b2b_industry":[],"b2b_product":[394,384,31789],"class_list":["post-19089","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-applications","tag-access-management","tag-email-security","tag-faq","b2b_audience-awareness-and-consideration","b2b_product-email-security","b2b_product-identity-management-privacy","b2b_product-phishing-and-spear-phishing"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Whitelisting vs Blacklisting: How Are They Different?<\/title>\n<meta name=\"description\" content=\"Trying to decide whether to whitelist or blacklist IPs or apps for network security? Discover what the differences are and why you should probably do both.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Whitelisting vs Blacklisting: How Are They Different?\" \/>\n<meta property=\"og:description\" content=\"Trying to decide whether to whitelist or blacklist IPs or apps for network security? Discover what the differences are and why you should probably do both.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2023-11-03T20:30:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-29T14:02:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/11\/esp_20231103-whitelisting-vs-blacklisting-which-is-better.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1400\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Chad Kime\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chad Kime\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/\"},\"author\":{\"name\":\"Chad Kime\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/86e8ee2d3bc71af07dbe303d16f17dc9\"},\"headline\":\"Whitelisting vs Blacklisting: How Are They Different?\",\"datePublished\":\"2023-11-03T20:30:11+00:00\",\"dateModified\":\"2024-07-29T14:02:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/\"},\"wordCount\":2156,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/11\/esp_20231103-whitelisting-vs-blacklisting-which-is-better.png\",\"keywords\":[\"access management\",\"email security\",\"FAQ\"],\"articleSection\":[\"Applications\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/\",\"name\":\"Whitelisting vs Blacklisting: How Are They Different?\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/11\/esp_20231103-whitelisting-vs-blacklisting-which-is-better.png\",\"datePublished\":\"2023-11-03T20:30:11+00:00\",\"dateModified\":\"2024-07-29T14:02:57+00:00\",\"description\":\"Trying to decide whether to whitelist or blacklist IPs or apps for network security? Discover what the differences are and why you should probably do both.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#primaryimage\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/11\/esp_20231103-whitelisting-vs-blacklisting-which-is-better.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/11\/esp_20231103-whitelisting-vs-blacklisting-which-is-better.png\",\"width\":1400,\"height\":900,\"caption\":\"Image: photon_photo\/Adobe Stock\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Whitelisting vs Blacklisting: How Are They Different?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/86e8ee2d3bc71af07dbe303d16f17dc9\",\"name\":\"Chad Kime\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/08\/2023-Kime-HeadShot-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/08\/2023-Kime-HeadShot-150x150.jpg\",\"caption\":\"Chad Kime\"},\"description\":\"eSecurity Planet lead writer Chad Kime covers a variety of security, compliance, and risk topics. Before joining the site, Chad studied electrical engineering at UCLA, earned an MBA from USC, managed 200+ ediscovery cases, and helped market a number of IT and cybersecurity products, then transitioned into technical writing policies and penetration test reports for MSPs and MSSPs. In his free time, Chad enjoys walks on the beach with his wife, annoying his children, and trying to carve out time for movies, books, video games, and bike rides.\",\"url\":\"https:\/\/www.esecurityplanet.com\/author\/chad-kime\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Whitelisting vs Blacklisting: How Are They Different?","description":"Trying to decide whether to whitelist or blacklist IPs or apps for network security? Discover what the differences are and why you should probably do both.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/","og_locale":"en_US","og_type":"article","og_title":"Whitelisting vs Blacklisting: How Are They Different?","og_description":"Trying to decide whether to whitelist or blacklist IPs or apps for network security? Discover what the differences are and why you should probably do both.","og_url":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/","og_site_name":"eSecurity Planet","article_published_time":"2023-11-03T20:30:11+00:00","article_modified_time":"2024-07-29T14:02:57+00:00","og_image":[{"width":1400,"height":900,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/11\/esp_20231103-whitelisting-vs-blacklisting-which-is-better.png","type":"image\/png"}],"author":"Chad Kime","twitter_card":"summary_large_image","twitter_creator":"@eSecurityPlanet","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Chad Kime","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/"},"author":{"name":"Chad Kime","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/86e8ee2d3bc71af07dbe303d16f17dc9"},"headline":"Whitelisting vs Blacklisting: How Are They Different?","datePublished":"2023-11-03T20:30:11+00:00","dateModified":"2024-07-29T14:02:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/"},"wordCount":2156,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/11\/esp_20231103-whitelisting-vs-blacklisting-which-is-better.png","keywords":["access management","email security","FAQ"],"articleSection":["Applications"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/","url":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/","name":"Whitelisting vs Blacklisting: How Are They Different?","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#primaryimage"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/11\/esp_20231103-whitelisting-vs-blacklisting-which-is-better.png","datePublished":"2023-11-03T20:30:11+00:00","dateModified":"2024-07-29T14:02:57+00:00","description":"Trying to decide whether to whitelist or blacklist IPs or apps for network security? Discover what the differences are and why you should probably do both.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#primaryimage","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/11\/esp_20231103-whitelisting-vs-blacklisting-which-is-better.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/11\/esp_20231103-whitelisting-vs-blacklisting-which-is-better.png","width":1400,"height":900,"caption":"Image: photon_photo\/Adobe Stock"},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/applications\/whitelisting-vs-blacklisting-which-is-better\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"Whitelisting vs Blacklisting: How Are They Different?"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/86e8ee2d3bc71af07dbe303d16f17dc9","name":"Chad Kime","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/08\/2023-Kime-HeadShot-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/08\/2023-Kime-HeadShot-150x150.jpg","caption":"Chad Kime"},"description":"eSecurity Planet lead writer Chad Kime covers a variety of security, compliance, and risk topics. Before joining the site, Chad studied electrical engineering at UCLA, earned an MBA from USC, managed 200+ ediscovery cases, and helped market a number of IT and cybersecurity products, then transitioned into technical writing policies and penetration test reports for MSPs and MSSPs. In his free time, Chad enjoys walks on the beach with his wife, annoying his children, and trying to carve out time for movies, books, video games, and bike rides.","url":"https:\/\/www.esecurityplanet.com\/author\/chad-kime\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/19089"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/271"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=19089"}],"version-history":[{"count":3,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/19089\/revisions"}],"predecessor-version":[{"id":36626,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/19089\/revisions\/36626"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media\/32696"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=19089"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=19089"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=19089"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=19089"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=19089"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=19089"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}