A simple approach and fundamental principle in IT security is to allow what is really needed. Security is all about access control and keeping track of activity with identity. In cyber security, access is granted based on identity and intent. Whitelists are identities with good intent and blacklists are identities with bad intent. This is a debatable topic and we will discuss it further with regards to requirements and implementation:
