Application Control & Change Control Software
Application control provides tight control over which applications are able to run on client devices or on server operating systems.
In some server environments, application control is used as the only security measure, as this is because all application activity is controlled and monitored to the finest detail, and where in some situations this may be sufficient; however it is generally recommended that application control is deployed alongside threat protection software such as anti-virus.
Change control provides protection over changes to files and folders. Generally speaking, for majority of the change control solutions out there, there are two options in which you can specify what you would define as 'critical files and folders' and either prevent changes from occurring, or you can allow all changes to be executed and the change event has been monitored and logged. Basically it's a choice between prevention of the activity or providing a detection mechanism only.
Bit9 delivers application whitelisting software.
Lumension Security is a vendor focussed in endpoint management and security and offers Lumension Application Control/Whitelisting software.
Mcafee offers both application control and change control software solutions as part of their large portfolio of security controls. These are controlled by their EPO central management system.
Quest Software has a number of change auditing software products which include the following as detailed below:
ChangeAuditor for Active Directory,
ChangeAuditor for Exchange
ChangeAuditor for EMC
ChangeAuditor for LDAP
ChangeAuditor for NetApp
ChangeAuditor for SQL Server
ChangeAuditor for Windows File Servers.
Savant is a dedicated vendor for application whitelisting solutions.
Sentrybay is a provider of desktop security products.
Symantec is a worldwide security and storage vendor and offer application control software.
Tripwire provides file integrity and ChangeIQ as part of the change control offering.