Detecting unapproved executables on a Windows Domain
Posted on 2011-09-17
I am looking for a super low-cost (if not free) way of detecting when an unapproved executable (exe, bat, com, etc) is launched on any workstations and servers within the domain. This looks like a client side monitor solution would be needed. I would want to provide a list of approved exe files, then receive reports on any that do not fit the list. I could then add them as approved or add them to a list of banned executables that the client side solution would block from execuating. This almost sounds like an AV solution, but we already use VIPRE and so replacing it with a different AV solution is not possible at this point.