AppLocker is an application whitelisting technology introduced with Microsoft's Windows 7 operating system.
It allows restricting which programs users can execute based on the program's path, publisher, or hash,[1] and in an enterprise can be configured via Group Policy.
Unlike the earlier Software Restriction Policies, which was originally available for Windows XP and Windows Server 2003,[2] AppLocker rules can apply to individuals or groups.
Policies are used to group users into different enforcement levels.
For example, some users can be added to an 'audit' policy that will allow administrators to see the rule violations before moving that user to a higher enforcement level.