A list of discrete entities, such as hosts or applications that are known to be benign and are approved for use within an organization and/or information system.
The process used to identify:
(i) software programs that are authorized to execute on an information system; or
(ii) authorized Universal Resource Locators (URL)/websites.
See the following under Whitelisting for more information:
An approved list or register of entities that are provided a particular privilege, service, mobility, access or recognition.
See NISTIR 7621 Rev. 1 under Whitelist for more information.