SecureAPlus: application whitelisting for additional security - gHacks Tech News

SecureAPlus: application whitelisting for additional security

Most Windows users these days run a firewall and up to date antivirus software, either those that ship with the operating system or advanced third party tools. Experienced users on the other hand often use other types of security related software to improve the system's overall security. This may include a sandboxing program like Sandboxie, exploit mitigation software like EMET, or programs that whitelist applications.

The latter is a simple but very effective concept. Only allow trusted programs to run on the program and block every other program that tries to run. Users get options to whitelist applications which is handy when new programs get installed or existing ones upgraded.

SecureAPlus Review

SecureAPlus is a program for Windows that combines application whitelisting with antivirus protection. What's interesting right from the start is that you do not have to install the antivirus component - it is ClamAV by the way - if you want to keep using your current security solution.

secureaplus

Note: The program uses an online installer by default which loads contents from the Internet during installation. You can request a link to an offline installer by mailing support.

When you start the program for the first time you will notice that it starts to scan the system to create the initial whitelist database. This can take quite some time depending on the programs you have installed on your system.

A click on status in the application whitelisting interface displays the current status of the process. If you see "in progress" or "running" there, you know that your system is still being crawled. You can browse the configuration here though to make changes to it while the database file is generated.

The default whitelist is generated based on a list of trusted certificates the application ships with. It includes a large list of companies, Adobe, Microsoft, Acer, Intel, Malwarebytes and many others. You can add or remove vendors easily from that list, for instance to reduce it in size or add vendor certificates to it.

trusted certificates

It is possible to modify the certificate whitelisting, either to relax its rule set by trusting certificates as long as they are trusted by the operating system, or by securing it even more by limiting the list to files that need to have the certificate name and thumbprint in the trusted certificate list.

Another interesting feature that you will come across is the list of restricted applications in the Application Whitelisting interface. This refers to programs that may download, copy, or extract files from sources such as the Internet or removable media. While the programs listed here are still allowed to do so, SecureAPlus will limit the rights of files that land on the system by using those programs listed here.

The application supports process protecting as well, but it has not been built into the main graphical user interface. You need to open the program folder and start the process protector executable there to configure the feature.

It prevents code injection into processes that you specify here.

process protector

Once the initial setup is out of the way, your system is protected for as long as the program is running in the background. You will probably notice this the first time when you try to launch a new executable on your system. If it is not by one of the signed companies, it will spawn a notification window that requests that you make a decision on how to proceed.

secureage

The application displays the process name and ID, as well as a basic description of what it believes the process tries to do. A click on the more link displays additional options. You can allow the process for the session only, set the program to trust the file but do not add the process as a trusted installer, or notify the application that the process is not what it believes it to be.

Verdict

If you want to add application whitelisting to your defense lineup on your PC, then you may want to give SecureAPlus a chance as it appears to be well suited for that. The only downside to that is that the current version will expire in a year's time. It seems possible to extend that period, but it is very likely that this has been implemented so that the program can be sold commercially at one point in the future.

That does not necessarily mean that there won't be a free version though.

Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. Winston said on August 13, 2013 at 7:10 pm
    Reply

    … not on topic for this post but in keeping with the gHacks qotd…

    The “peach” theme is nice.
    The thin strip on top ties nicely with the logo and the grey nav bar calls more attention to the topics.
    I still like the larger font and greater use of white space to make things feel less claustraphobic.
    Still hatin’ the black reply buttons on the left.

    Verdict: “white” is a very close second, but “peach” carries your site’s branding better – more unique / less generic.

    1. Martin Brinkmann said on August 14, 2013 at 3:00 am
      Reply

      I get to those reply buttons eventually, so much to fix right now. Thanks for your comment!

      1. ilev said on August 14, 2013 at 3:28 am
        Reply

        Any chance of adding “Edit” ?

      2. Martin Brinkmann said on August 14, 2013 at 4:02 am
        Reply

        Comment editing?

      3. Martin Brinkmann said on August 14, 2013 at 4:46 am
        Reply

        I have added a plugin that lets you edit comments for 5 minutes after submitting them. Let me know if that works for you.

  2. Dawghouse2001 said on August 14, 2013 at 5:16 am
    Reply

    SecureAPlus- I tried this out but not sure why but it would crash my pc.I have uninstalled it and my pc is back to normal…..

  3. ilev said on August 14, 2013 at 5:18 am
    Reply

    Comment editing ? yes.

    Testing, testing.

    Editing… Nice, very very nice. :-)

    Great addition.

    p.s what with the date and time ?
    It’s Aug. 14, 12:18 pm , Time on site is 5:18 am

    1. Martin Brinkmann said on August 14, 2013 at 5:50 am
      Reply

      It is showing server time.

      1. ilev said on August 14, 2013 at 9:45 am
        Reply

        The server is in US ?

      2. Martin Brinkmann said on August 14, 2013 at 10:12 am
        Reply

        Yes

      3. ilev said on August 14, 2013 at 11:10 am
        Reply

        Now if you can fix the scrolling problem :-)

        Upper 1/3 part of the page scrolls down o.k, than scrolling continues with small jumps..

  4. Solidstate said on August 14, 2013 at 2:13 pm
    Reply

    There is already functionality like this built into Windows. It’s known as a Software Restriction Policy, or if you’re running Windows 7 Ultimate and/or Windows 8 Enterprise (for some reason Pro doesn’t have this) you can use SRP’s replacement which is called AppLocker.

    1. Conan said on August 16, 2013 at 8:56 pm
      Reply

      Yes, but it’s not present in Windows 7 Home Basic/Premium.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.