Application White Listing is being sold as the needed silver bullet to stop malware and "APT" style infections. While the presenters understand that something better than Anti-Virus is needed, we do not believe that there is or ever will be a silver bullet. The talk includes all of the details of our findings. The results are in and we have found that Application White listing is nothing more than a small road block much like current Anti-Virus. We found that there are some very easy ways to get around this type of software due to lack of features, lack of understanding the current threat landscape and in some cases vulnerabilities in the software that allow complete bypass. We will take the audience through our testing methodology and findings. We tested Bit9 Parity, Microsoft AppLocker and McAfee Application control on both Windows XP and Windows 7. We will end the talk by releasing a Metasploit module that will give you the techniques we found successful so you can utilize these in your penetration testing. We will also leave everyone with some band aid fixes that you can implement until the vendors catch up and plug these holes.