Application whitelisting is a security approach where only pre-approved software may execute on a system. Everything not explicitly permitted is blocked.
This principle directly implements ISO 27001 Annex A control A.8.19 (Software Installation) and is one of the most effective measures against malware and unauthorized software. Compared to blacklisting (blocking known malware), whitelisting has a structural advantage because new, unknown malware is automatically prevented from running. Tools include AppLocker, WDAC (Windows), and fapolicyd (Linux). The main challenge is maintaining the whitelist, especially with frequent software updates.