Security should be multilayered, and use of allowlists is appropriate as one of the security levels.