A whitelist is a list of email addresses, IP addresses, or applications that are deemed safe and allowed to run or be seen on a device or network. Where blacklists only block items on the list, whitelists are similar to a VIP list and only allow entry to the items on that list. They are both often used as cybersecurity measures.

Common uses of whitelisting

  • Email: Perhaps the most popular use for whitelisting is for blocking spam and phishing attempts from an email inbox by creating a safe senders list. This ensures that emails from senders you want to see don t end up in a spam folder, and spam emails don t show up in your inbox.
  • IP Addresses: IP whitelisting is used to grant network access only to certain IP addresses. While this has been used as a security measure, it does have its drawbacks. First of all, IP addresses are not constant and can change often. Second, IP addresses can be spoofed using a VPN and can cause your network to become less secure.
  • Applications: Application whitelisting refers to whitelisting only trusted and secure applications on a device. The ability to whitelist applications is usually added onto an OS. This practice is often used on employee computers that are monitored by an administrator to keep the network safe and employees from downloading apps that might inhibit productivity. Application whitelisting also poses the risk of an attacker replacing a whitelisted application with a malicious one by ensuring they have the same specifications. You can take additional security steps by applying cryptographic hashing.

Note: In recent years, prominent members of the computing industry have started to shift away from using the terms whitelist and blacklist because of their negative connotation and have instead shifted to allowlist/denylist or passlist/blocklist.

Vangie Beal
Vangie Beal
Vangie Beal is a freelance business and technology writer covering Internet technologies and online business since the late '90s.

Related Articles


One of Microsoft Office’s core products, PowerPoint – abbreviated to PPT based on its file extension “.ppt” – is a software program used to...


ETL is the acronym for "extract, transform, and load." These three database functions are combined into one tool to pull raw data from one...

Remote Work

Remote work is the habit of someone performing their job from home or another location that isn't owned or managed by the company for...

Direct Digital Marketing

Direct digital marketing is a method of marketing handled primarily through direct digital channels like email and Web. It makes use of addressable mediums....

HighLevel CRM

HighLevel is a sales and marketing customer relationship management (CRM) solution designed by...

Unified Endpoint Management (UEM)

As enterprise networks become increasingly distributed with growing numbers of remote workers, unified...

Decision Intelligence

Decision intelligence combines business intelligence (BI) and artificial intelligence (AI) models to improve...