A deny list, sometimes called a blacklist, is a security mechanism that explicitly identifies and blocks certain entities - such as IP addresses, email addresses, domains, applications, or file types - that are considered untrusted or malicious. When a system uses a deny list, it checks incoming data or requests against this list and denies access or execution if a match is found. Deny lists are commonly used in firewalls, email filters, and web security solutions to prevent known threats from entering a network or system. However, relying solely on deny lists can be risky, as new threats may not be included until they are discovered and added.