Bit9 on Tuesday announced an upgrade to its endpoint-protection software that implements automatic whitelisting of approved applications and devices.

Available now, Parity 4.0 is designed to secure a corporation’s laptops from dangerous software and infected devices not by preventing users from installing items that have been blacklisted, but by only allowing them to install those that have been whitelisted, says Brian Hazzard, director of product marketing with Bit9.

The whitelisting feature allows administrators to restrict storage device use to trusted devices (only encrypted devices, for example) and trusted users in order to prevent the authorized copying of data, he says.

This whitelisting approach offers a higher degree of security while also making endpoints easier to manage, Hazzard says.

Bit9 operates a knowledgebase about commercial applications, open source software, libraries, drivers, malware and other software that administrators can check to easily identify files loaded onto a user’s machine that are placed there upon installation. That knowledgebase has four billion files, he says.

The upgrade allows administrators to test policies they develop before implementing them, making sure all the applications they want whitelisted are included.

Parity 4.0 integrates with Active Directory so that policies can be enforced on a per-computer or per-user basis, Hazzard says.

The upgrade is priced at $35 per endpoint.