Application whitelisting is a cybersecurity control that operates on a deny-by-default principle, permitting only explicitly approved and verified applications to execute on a system. Unlike traditional blacklisting approaches that attempt to block known threats, whitelisting creates a comprehensive inventory of legitimate executables, scripts, and libraries—typically validated through cryptographic hashes or digital signatures—and prevents all other software from running, regardless of whether it has been previously identified as malicious.

This proactive security mechanism establishes stringent governance over program execution, effectively blocking unauthorized software including malware, ransomware, and advanced persistent threats, even those with unknown signatures. By implementing application whitelisting, organizations significantly reduce their attack surface across endpoints and servers, enhance system integrity, and support compliance requirements by strictly controlling which software is allowed to operate within their computing environment.