McAfee Application Control

McAfee Application Control

Protect systems from unknown, advanced persistent threats with centrally managed whitelisting

Next Steps:


McAfee Application Control software provides an effective way to block unauthorized applications and code on servers, corporate desktops, and fixed-function devices. This centrally managed whitelisting solution uses a dynamic trust model and innovative security features that thwart advanced persistent threats — without requiring signature updates or labor-intensive list management.

Complete protection from unwanted applications — Application Control extends coverage to executable files, libraries, drivers, Java apps, ActiveX controls, scripts, and specialty code for greater control over application components.

Flexibility for desktop users and server admins — IT can empower select desktop and server users to approve new apps instantly, and IT can choose to approve or reject these new apps during their routine audit.

Viable security for fixed-function and legacy systems — Application Control has a small footprint and low performance overhead, making it the perfect solution for protecting fixed-function devices, such as kiosks and point-of-sale (POS) terminals. It also extends protection to your legacy Windows NT and Windows 2000 systems.

Minimize patching while protecting memory — Allows you to delay patch deployment until your regular patch cycle. In addition, it prevents whitelisted applications from being exploited via memory buffer overflow attacks on Windows 32- and 64-bit systems.*

Centralized, integrated management — Leverage your investment in the McAfee ePolicy Orchestrator (McAfee ePO) platform. McAfee ePO software integrates all McAfee and security and risk management products from McAfee Security Innovation Alliance partners for a single view of enterprise security management.

* Network Security Platform (NSP) or Host Intrusion Prevention System (HIPS), as an added layer of defense, prevents kernel vulnerability exploits and Denial of Service (DoS) attacks.

Your data center is evolving. Are you?

View Infographic

Features & Benefits

Reduce risks from unauthorized applications and code

Allow only trusted applications to run on your endpoints, fixed-function devices, and servers. McAfee Application Control also stops malware — whether binaries, kernel components, DLLs, ActiveX controls, scripts, or Java components — from executing.

Save time and lower costs with dynamic whitelisting

Maximize administrator efficiency with a dynamic trust model that does not require signature updates or labor-intensive list management.

Reduce patch cycles and protect memory

Eliminate “patch panic” using a validated countermeasure that maintains your regular patch cycles and prevents whitelisted applications from being exploited via memory buffer overflow attacks on Windows 32- and 64-bit systems.

Inform and empower users with user-friendly notifications (optional)

Educate desktop users about disallowed applications with informative pop-up messages that can prompt them to seek approvals via email or helpdesk requests.

Extend the lifespan of legacy systems

Protect older systems that OS and security vendors no longer support, such as Windows NT and Windows 2000, while alleviating the need to patch these systems.

Safeguard field units and fixed-function devices

Take advantage of our transparent model that requires negligible CPU and memory usage.

Thwart advanced persistent threats with Global Threat Intelligence

Know the reputation of every file and application in your environment with real-time Global Threat Intelligence that automatically categorizes them as good, bad, and unknown.

Use central management to increase efficiency

Optimize and simplify management with the McAfee ePolicy Orchestrator (McAfee ePO) platform. Oversee and administer all your security protections from a single, centralized console that spans McAfee products, Security Innovation Alliance Partner products, and homegrown applications.

System Requirements

Microsoft Windows

  • Embedded: XPE, 7E, WEPOS, POS Ready 2009, WES 2009, 8 Industry, 8.1
  • Server: 2008, 2008 R2, 2012, 2012 R2
  • Desktop: Vista, 7, 8, 8.1

Legacy Platforms

  • Server: NT, 2000, 2003, 2003 R2
  • Desktop: XP


  • RHEL/CentOS 5, 6
  • SUSE/openSUSE 10, 11
  • OEL 5, 6
  • Ubuntu 12.04

Demos / Tutorials


Learn how McAfee Application Control works with McAfee ePolicy Orchestrator software and extends the viability of fixed-function systems without impacting performance.


For guidance on how to use Application Control, watch this Quick Tips video.

Customer Stories


CEMEX adopts a Security Connected approach to safeguard endpoint and network security and improve visibility.

  • Safeguards against zero-day advanced persistent threats without signature updates.
  • Greatly diminishes administrative time, from defining policies to repairing workstations.
  • Protects more than 26,000 endpoints from email, web, and application-generated attacks.
  • Provides streamlined and integrated management of large, global security platform.


With a dedicated McAfee resident support account manager, Honeywell gets onsite troubleshooting, faster problem resolution, and fewer escalations to McAfee Support.

Seagate Technology

McAfee Application Control protects Seagate's intellectual property and complex IT environment.

  • Custom end-user protection to boost employee productivity
  • Increased performance of single-use machines in the factory
  • Malware-free factory environment

Sysec Ltd.

U.K. partner Sysec gains 30% year-over-year growth by selling the complete McAfee solution portfolio.


Data Sheets

McAfee Application Control

For a technical summary on the McAfee product listed above, please view the product data sheet.

McAfee Application Control for Desktops

For a technical summary on the McAfee product listed above, please view the product data sheet.


Maintain Security for XP Systems

Learn about how application whitelisting can maintain security for Microsoft Windows XP systems no longer supported by Microsoft.


SANS Top 20 Critical Controls Poster

The top 20 critical controls for effective cyberdefense.


SANS Report: Critical Security Controls: From Adoption to Implementation

A recent SANS survey provides an in-depth look at the primary industries adopting critical security controls and how they approach implementation.

Solution Briefs

Counterattacking BERserk

Trust is no longer present when the privacy, integrity, and authenticity of our information is called into question. Learn how you can protect your company against attacks that attempt to exploit the BERserk vulnerability.

Abuse of Trust

Attackers prey upon the institution of trust in many ways, with exploiting unsuspecting victims the primary pursuit. Learn how McAfee security technology can help protect against attacks seeking to abuse the trust your company has in its day-to-day operations.

McAfee Application Control Extends the Life of Legacy Microsoft Windows XP Systems

McAfee Application Control provides an effective way to block unauthorized applications from running and will continue to support Windows XP systems even after Microsoft’s phase-out of support has taken effect.

The Evolving Landscape of Desktop Security

Learn how application whitelisting and recent technology enhancements make it easier to implement whitelisting.

White Papers

Conquer the Top 20 Critical Security Controls

Critical Security Controls (CSCs) help organizations break down operational silos by providing a pragmatic blueprint detailing where to focus efforts to achieve the greatest results. This white paper maps the quick wins within the first five CSCs to associated McAfee products, services, and partner solution capabilities — all part of the Security Connected platform.

From Silicon to the Data: A Multi-Point Approach for Protecting Cloud Environments

Intel and McAfee, along with industry partners, are providing comprehensive solutions to better address the challenges of security for cloud computing.

Taking Back Control in Today’s Complex Threat Landscape

This document discusses the role that integrity control plays in defending networks against attack through a focus on two key areas — controlling what applications are allowed to run and how they are run, and protecting systems on the network from configuration changes and mistakes that can allow serious vulnerabilities to be exploited.



  • Update on the Beebone Botnet Takedown
    Raj Samani - April 20, 2015

    On April 8, the takedown operation for the polymorphic botnet known as Beebone successfully concluded. This action redirected traffic from infected hosts to a sinkhole operated by the Shadowserver Foundation. In addition to halting additional infections and the continued morphing of the W32/Worm-AAEH worm, the sinkhole allows McAfee Labs and other partners in the takedown […]

    The post Update on the Beebone Botnet Takedown appeared first on McAfee.

  • Taking a Close Look at Data-Stealing NionSpy File Infector
    Sanchit Karve - April 14, 2015

    W32/NionSpy is a family of malware that steals information from infected machines and replicates to new machines over networks and removable thumb drives. Aside from stealing keystrokes, passwords, Bitcoins, system information, and files on disk, NionSpy (also known as Mewsei and MewsSpy) can record video (using the webcam), audio (using the microphone), take screenshots, and […]

    The post Taking a Close Look at Data-Stealing NionSpy File Infector appeared first on McAfee.

  • VaultCrypt Ransomware Hides Its Traces While Stealing Web Credentials
    Diwakar Dinkar - April 13, 2015

    Since the beginning of the year we have seen a spike in ransomware including the emergence of new ransomware families. One family that has recently resurfaced is Vaultcrypt. This variant both tidies up after itself and steals web page login data. Infection vector The malware arrives on a victim’s machine through a spam email containing […]

    The post VaultCrypt Ransomware Hides Its Traces While Stealing Web Credentials appeared first on McAfee.

  • Takedown Stops Polymorphic Botnet
    Raj Samani - April 9, 2015

    Several global law enforcement agencies—with assistance from Intel Security—this week successfully dismantled the “Beebone” botnet behind a polymorphic worm known by Intel Security as W32/Worm-AAEH. The purpose of this worm is to facilitate downloading other malware, including ZBot banking password stealers, Necurs and ZeroAccess rootkits, Cutwail spambots, fake antivirus, and ransomware. The worm spreads quickly […]

    The post Takedown Stops Polymorphic Botnet appeared first on McAfee.

  • Hidden Low Hanging Avaya IP Office Default Credentials
    McAfee Foundstone Professional Services - March 30, 2015

    Written by Piyush Mittal. Default credentials are considered to be the most common, low hanging fruit, in the field of information security that is frequently exploited by the hackers as they are easily identifiable and exploitable. In this blog we will go through the default credentials for Avaya IP office, which can be used by […]

    The post Hidden Low Hanging Avaya IP Office Default Credentials appeared first on McAfee.