Managed Application Control FAQ
Managed Application Control provides you with a curated block list for applications Blackpoint's threat intel team deems high risk due to their misuse by threat actors for malicious purposes. Managed Application Control lets you use Blackpoint’s curated block list as well as create your own custom rules to apply curated application settings to your and your clients’ extended perimeters. Blackpoint's 24/7 Security Operations Center (SOC) also investigates and responds to malicious activity based on applications blocked via our curated list.
Managed Application Control Highlights
- Provides you with Blackpoint’s curated, constantly updated list of applications to block, based on threat intel from our Adversary Pursuit Group (APG) and on real-world cyber-attacks our SOC sees firsthand.
- Lets you create custom rules for your various customers’ specific needs to avoid false positives, overgeneralizations, and inadequate oversight.
- Provides you with our 24/7 SOC to immediately detect and respond to additional malicious activity.
- Minimizes the time spent on verification requests, setting maintenance, and false-positives that deny access to legitimate applications.
- Helps you gain visibility into device activity across extended perimeters.
- Enables users to access organizational resources and data from their devices, while ensuring all devices meet business security requirements.
Frequently Asked Questions
Is Blackpoint Response required for access to Managed Application Control?
Blackpoint’s Managed Application Control is available to customers who subscribe to the Blackpoint Response bundle. Existing Blackpoint MDR customers will need to convert their subscription to Blackpoint Response for access to Blackpoint’s Managed Application Control.
Convert to Blackpoint Response
Customers using MSProtect also have access to MAC.
How will Managed Application control be priced?
Managed Application Control is part of the Blackpoint Response bundle. Customers who subscribe to Blackpoint Response receive Managed Application Control at no additional cost.
What training resources will be available to Blackpoint partners?
You will have the opportunity to attend one of four partner training sessions taking place in June.
Recorded videos will also be made available.
Please reach out to your Partner Success Manager to register for the training sessions or for details on the recorded videos.
How will I know which applications are being blocked?
You can view which applications are being blocked through the events page under the Managed Application Control menu in the Blackpoint Add-Ons Portal. See the User Guide.
How do I block an application?
You can block an application under the Add Block Rule page under the Managed Application Control menu in the Blackpoint Add-Ons Portal. See the User Guide for instructions.
How do I unblock an application?
You can unblock an application from the Blocked Applications page under the Managed Application Control menu in the Blackpoint Add-Ons Portal. See the User Guide for instructions.
Do I need to add any antivirus or EDR exceptions to Managed Application Control?
Customers using Cylance should add an exception for snapw.exe and SnapAgent.exe.
What are the system requirements?
- Microsoft Windows 8 (x64), Microsoft Windows 10 or newer
- Microsoft Server 2012 R2 or newer
- ARM-Based Processor: Not Supported