Cyber Swachhta Kendra (India), a center set up for handling the tasks related to malware analysis, has rolled out a handful of security tools to mitigate online security threats for PCs and smartphones. The security tools – AppSamvid, M-Kavach (for mobile devices), USB Pratirodh, etc- have been particularly designed to mitigate threats through malicious botnets, malware, and web browsers. In this post, we will look at AppSamvid, a free Application Whitelisting software for the Windows operating system.
AppSamvid Application Whitelisting software
AppSamvid is an application whitelisting software that helps you whitelist a program in Windows. If you are not aware, application whitelisting is the security practice of restricting systems from running software unless it has been cleared for safe execution. This has numerous advantages over the traditional signature-based antivirus software approach of blacklisting the virus files. For instance, Whitelisting has the advantage over blacklisting as it does not require frequent virus definition updates. AppSamvid protects is capable of protecting operating systems against such threats including Ransomware.
When you first download and install the application, you’ll notice a setup screen that prompts you for a password. Enter the password and choose ‘Next’. This password needs to be entered using the AppSamvid user console password dialog box, which pops up every time a user tries to get access to the AppSamvid user interface.
The main interface of the program displays the following:
1] Home Menu: This menu bears the description of the applications. In addition to this, it makes visible the current status of the software installed.
2] Scan Options: The scan options available are:
- Initial Scan: Remains active, only if it is not performed initially during the installation process. Thereafter, it is disabled.
- Folder Scan: Performs drive scan to add to the database.
- File scan: Adds a single file to the database.
To enable Whitelist Enforcement, go to the Home menu, select the Enable Whitelist Enforcement option under the AppSamvid features option, and click on Apply. To disable it, select the Disable Whitelist Enforcement or Suspend Whitelist Enforcement until the next reboot button and click on Apply.
3] Settings Menu: This menu allows configuring different options and you will find the following settings:
- Java Settings: Allows viewing JDK and JRE installed on the system. This option is for use when the user intends to whitelist java files.
- Change AppSamvid Administrator Password: As the name suggests, the option allows changing the AppSamvid software’s administrator password.
- Check for updates: This option allows the user to evaluate/calculate the potential updater application(s) of third-party software. This can be done by analyzing the logs generated by AppSamvid software as it helps a user to easily identify the executable file(s) that can be marked as trusted updater(s).
4] Logs Menu: Keeps a log of changes made by AppSamvid software. It features action columns as:
- Block_Unknown – For application files NOT found in the AppSamvid database.
- Block_known – For application files found in AppSamvid database and explicitly blocked by the user.
When you choose to run a scan, the program scans the complete hard disk for executables, Java files, etc, and stores them in the database along with some additional information about each file. Once the software is installed and the initial scan of applications is complete, the user can whitelist any executable files using file and/or folder scan.
The AppSamvid tool is designed and developed by Centre for Development of Advanced Computing (C-DAC) and an integral part of Cyber Swachhta Kendra (Government of India’s Digital India initiative under the Ministry of Electronics and Information Technology MeitY, set up in accordance with the objectives of the National Cyber Security Policy). C-DAC is the premier R&D organization of the Ministry of Electronics and Information Technology (MeitY) for carrying out R&D in IT, Electronics and associated areas.
The main function of this Center would be to create a secure cyberspace by detecting botnet infections in India. Further, this center will notify the users and provide tools to enable cleaning and securing systems so as to prevent further infections. This center operates in close coordination and collaboration with Internet Service Providers and Antivirus companies.
You can download AppSamvid from cdac.in. Do leave your feedback in the comments section below.
