What principal risk does application whitelisting mitigate in an organization?

Application whitelisting is a security measure that allows only approved applications to run on a system. This control effectively mitigates the risk of malware execution by ensuring that only known and trusted applications can be executed. In an environment where whitelisting is implemented, any unapproved or unknown software attempting to run will be blocked, thereby preventing potential malware from being installed or executed.

Thus, the primary benefit of using application whitelisting is its role in enhancing endpoint security by reducing the attack surface available to malicious software, which is often a vector for breaches and other security incidents. By limiting the programs that can run, organizations can better protect their systems against unauthorized and potentially harmful applications, significantly lowering the chances of malware infiltration and execution.