Airlock Blog | David Cottingham

How to Reduce Your Attack Surface by Removing Unused OS Features

Mitigate risks such as LOL exploits, by using allowlisting to control, monitor, and block unnecessary binaries and features.

What is an OTP in Airlock’s Allowlisting Solution?

The OTP process generates a code specific to a particular endpoint that can only be used once for a predetermined time period. That code effectively operates as a secret key that disappears completely rather than remain in a database, application or other location.

Airlock Customer Summit Marks Start of New Era of Customer Engagement

Customer feedback is critical to the roadmap for Airlock Digital’s allowlisting solution and the inaugural Airlock Customer Summit in Sydney marked the start of a new phase of customer engagement, event attendees heard this week.

Trust files in complex cases with Airlock Allowlisting 5.3

The latest version of Airlock Allowlisting, v5.3, is now in general availability and customers can take advantage of improved flexibility and ease of use when using the product to allow trusted applications and block the rest.

Risky Business - When standards drive innovation

In this Risky Business News interview, Tom Uren talks to Daniel Schell, CTO and David Cottingham CEO of Airlock Digital. They discuss the security standard that drove innovation and the genesis of Airlock Digital and also how to make sure that standards don’t become box-checking exercises.

Risky Business - LockBit is down but not out. Yet.

In this episode of Risky Biz, Airlock Digital’s Daniel Schell talks about his adventures with WDAC, and Dave Cottingham predicts Windows 12 will go all in on signed code. Also Patrick Gray and Adam Boileau discuss the week’s security news. They talk about: LockBit gets back up after takedown, Russia arrests Medibank hacker… for something else ConnectWise gives out free updates, but customers aren’t happy, and much more

AnyDesk Incident - Airlock Digital Customer Guidance

This blog provides guidance for Airlock Digital customers regarding the AnyDesk security incident. While AnyDesk has stated in their announcement that the software is safe to use, their action of revoking code signing certificates suggests that their existing certificates were likely compromised and should no longer be trusted.

CERT NZ Continues to Recognize Application Allowlisting

To ensure the continued cybersecurity resilience of organizations across New Zealand, the Computer Emergency Response Team of New Zealand (CERT NZ) recognizes application control (allowlisting) in their Critical Controls framework.

Airlock Digital – Allowlisting Auditor v4

Airlock Digital – Allowlisting Auditor v4. The auditor is a free utility developed designed to comprehensively test application allowlists for weaknesses and misconfigurations, regardless of vendor.

Blogs and Updates