Whitelist

A whitelist is a list of email addresses, IP addresses, or applications that are deemed safe and allowed to run or be seen on a device or network. Where blacklists only block items on the list, whitelists are similar to a VIP list and only allow entry to the items on that list. They are both often used as cybersecurity measures.

Common uses of whitelisting

  • Email: Perhaps the most popular use for whitelisting is for blocking spam and phishing attempts from an email inbox by creating a safe senders list. This ensures that emails from senders you want to see don t end up in a spam folder, and spam emails don t show up in your inbox.
  • IP Addresses: IP whitelisting is used to grant network access only to certain IP addresses. While this has been used as a security measure, it does have its drawbacks. First of all, IP addresses are not constant and can change often. Second, IP addresses can be spoofed using a VPN and can cause your network to become less secure.
  • Applications: Application whitelisting refers to whitelisting only trusted and secure applications on a device. The ability to whitelist applications is usually added onto an OS. This practice is often used on employee computers that are monitored by an administrator to keep the network safe and employees from downloading apps that might inhibit productivity. Application whitelisting also poses the risk of an attacker replacing a whitelisted application with a malicious one by ensuring they have the same specifications. You can take additional security steps by applying cryptographic hashing.

Note: In recent years, prominent members of the computing industry have started to shift away from using the terms whitelist and blacklist because of their negative connotation and have instead shifted to allowlist/denylist or passlist/blocklist.

Vangie Beal
Vangie Beal
Vangie Beal is a freelance business and technology writer covering Internet technologies and online business since the late '90s.

Related Articles

@ Sign

Pronounced at sign or simply as at, this symbol is used in e-mail addressing to separate the user' name from the user's domain name,...

Munging

(MUHN-jing) Munging (address munging), is the act of altering an email address posted on a Web page to make it unreadable to bots and...

How to Create an RSS Feed

In the second installment of RSS how-to, we look at some of the nonrequired (optional) channel and item tags, discuss RSS specifications in-depth and...

Dictionary Attack

(n.) (1) A method used to break security systems, specifically password-based security systems, in which the attacker systematically tests all possible passwords beginning with...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...