Products and Postures

We've compiled a list of the most common Cyber Security companies and their product offerings. You'll notice that the most well-known names out there are all Default Allow!

You'll also notice a couple of new terms aside from Default Allow and Default Deny in play here. They are:

  • Isolation

These solutions run applications in complete isolation (often using CPU-draining Micro VMs, or Virtual Machines), cut off from the host system.

For example, some of these will run the web browser in isolation because, though it's a known good application, it has the ability to download potentially malicious files.

Isolation solutions certainly help prevent infection but the price you pay in usability is VERY steep.

  • Sandbox

These solutions place unknown files in a "sandbox" (a controlled environment) where they're allowed to run and are observed to see if they exhibit any malicious behavior, before allowing users to download them. Imagine: you click to download a file, but you don't get to use it for a while, sometimes a long while.

As with Isolation technology, this helps prevent infection but the usability price is again very steep.

  • Whitelisting

This is really the original Default Deny, which is a whitelist-based solution. It'll keep you safe (by only allowing known good files and applications into your environment), but you'd better like Tetris™, at least figuratively speaking, as you can ONLY use approved known good files. So kiss your productivity goodbye. And watch out for carpal tunnel syndrome from all that Tetris™!

    Vendor / Product               Posture
    Comodo                         Default Deny Platform
    Cylance                        Default Allow
    FireEye (HX)                   Default Allow
    Cybereason                     Default Allow
    Trend Micro                    Default Allow
    Sophos                         Default Allow
    Symantec                       Default Allow
    McAfee/Intel                   Default Allow
    Malwarebytes                   Default Allow
    Kaspersky                      Default Allow
    Menlo Security                 Default Allow
    SentinelOne                    Default Allow
    Cisco (FireAmp)                Default Allow
    Invincea                       Isolation (Default Allow)
    Bromium                        Isolation (Default Allow)
    Spikes                         Isolation (Default Allow)
    Lastline                       Sandbox (Default Allow)
    Palo Alto Networks Traps       Sandbox (Default Allow)
    Cyphort                        Sandbox (Default Allow)
    FireEye                        Sandbox (Default Allow)
    Bit9 (Carbon Black)            Whitelisting (Not Default Deny)

What is EDR?

EDR is an enterprise-level cybersecurity company providing 24/7/365 monitored security, risk management, and cyber liability protection for companies worldwide.