PC Matic Application Allowlisting is an endpoint security technology that restricts execution on systems and devices to only trusted, pre-approved files and scripts. Unlike application control, which evaluates trust at the application package level, this product screens at the granular level of individual files, scripts, macros, processes, and file extensions — regardless of the software publisher or parent process they belong to. The product monitors operating systems in real time to identify and evaluate each file uniquely. If a file, script, macro, driver, or patch update is unknown, modified, or absent from the approved allowlist, it is blocked from executing by default. This approach is designed to prevent zero-day attacks, ransomware, and malware that may be disguised within or piggybacking on legitimate software updates or packages. Key components include: - Entity integrity monitoring for real-time OS-level file screening - Real-time allowlist updates to address emerging CVEs and vulnerabilities - PowerShell script use restrictions - Secure RDP monitoring - Blacklist antivirus integration alongside allowlisting - Automated driver updates and security patch management - Zero trust network and endpoint security principles The solution is positioned as a preventative (rather than reactive) security measure and can be deployed alongside existing endpoint security solutions. It supports hybrid environments including cloud-hosted virtual machines, servers, and networks. It is used by SMBs, enterprises, and government entities.