IT Insight

Blackpoint Gets an App Control Feature

December 14, 2023

Jamie Poindexter

If you are a customer of Blackpoint, you might already beaware they just released an exciting new tool called “Managed ApplicationControl”. This is an application management tool that works with the existingendpoint agent that SOC uses to monitor suspicious activities. It allows you toblock certain applications and reduce risks associated with users usingsoftware that is not approved.If you are an MSP, you most likely have a set of tools forRMM or remote control that you use and pay for. They are kept up to date andsecured to reduce the risk of security events happening. But what if yourclients or employees like to go outside of those tools and use things that arenot approved? This can open the door for attacks. BlackPoint has a set ofcurated applications that work out of the box to block the most commonapplications that could be a threat to your clients. You can whitelist onesthat you do use or add custom apps that you want blocked. For example, if you use Automate for RMM and want to preventother RMM tools from being used you just whitelist the one you approve, and therest will be blocked from being used.

If you don’t see a specific RMM tool you can also manuallyadd it so it’s either blocked or allowed.You can even get granular and allow certain devices to haveother tools while the other devices are blocked. So, if you have a device thatis managed by a 3rd party and they use another RMM tool you canallow that to be used.

But it’s not just about RMM tools. This allows you to blockthings in several categories such as pen testing tools, ransomware tools andcredential access tools. Tools that a compromised machine might use like mailpassviewor an IP scanner can be blocked as well. In the event a machine is infected andan attacker gains access this limits the ability to spread or cause harm to thePC or data stored on it.The tool forces you to run in monitor mode for at least 24hours. This lets you get an idea of what would have been blocked and lets youmake changes before enabling the blocking mode.

You can edit the rule right from the event page to allow adevice or disable a app from being blocked.If this sounds like something that would help you or yourbusiness make sure to reach out to the guys at BlackPoint - https://blackpointcyber.com/solutions/managed-application-control/

Why Co-Managed IT Services are a Good Idea
What is Involved? Server Migrations to SharePoint

Services
Managed IT Services
Co-managed IT Services
IT Helpdesk & Support
Proactive Maintenance
Status Monitoring
Email Migration Services
Microsoft 365 Optimization
Mobile Device Management
Virtual CIO Services
Technology Alignment Process
IT Infrastructure
Hardware
Software and Workflows
MAC Integration
AdminDroid
Virtualization
IT Security
Cybersecurity & Antivirus
IT Audit & Compliance
Data Backups & Disaster Recovery
Spyware and Virus Removal
Endpoint Detection & Response (EDR)
Security Awareness Training
Spam & DNS Website Filtering
Managed Detection & Response with Secure Operations Center (MDR w/ SOC)
IT Consulting
IT Project Planning
Cloud Solutions
Business Continuity
Automating Processes
Industries
Overview
About Us Our TeamCore ValuesTestimonialsBlogSterling in the NewsContact Us CareersRemote SupportAreas We ServeMedia Room
Privacy PolicyTerms of Service
©2023 Sterling Technology Solutions