AST Digital Magazine July/August 2016 | Page 78

Volume 6
ploits. Weaponized documents hijack trusted applications such as Microsoft Word or Adobe Acrobat Reader and transform them into malware. File-less malware abuses built-in Windows utilities to create an attack. Another form of file-less malware forms in memory and has no file footprint in the system. Espionage-based file-less malware easily scrapes information from a CFO’s laptop or steals Windows login credentials from any desktop. The adversaries use these stolen credentials to gain unfettered access to enterprise resources in an undetected way with no further authentication. AppGuard protects enterprises from modern malware while other classical defenses such as Anti-Virus (including Machine Learning, new generation AntiVirus), White Listing, Anti-Exploit, and Endpoint Detection and Response (EDR), fail to stop these breaches.
Technological Innovation
AppGuard offers an effective defense against vulnerabilities not addressed by conventional means. Without relying on detection, identification, signatures, or scanning, AppGuard disrupts malware attacks, halting breach attempts before a compromise can occur. AppGuard stops zero-day malware, polymorphic malware, phishing, “malvertising”, watering-hole, removable-media-based, malware-tainted document intrusions known as weaponized malware, drive-by-downloads, and ransomware.
IoA Threat Data Collected On and Off Enterprise around the Globe in Near Real Time
AppGuard is the only preventive technology that stops modern malware at the earliest stages of the attack and generates IoAs (Indicators of Attack), without actually detonating the malware, without scanning, and without reliance on signatures, including the high attack signatures known as IoCs (Indicators of Compromise). Other endpoint protection products allow malware to “detonate”, relying on detecting and responding to the compromise in time to limit breach effects. Breaches without a known signature or IoC can go undetected for weeks or months, placing an enterprise at risk if it relies on breach detection, White Listing, blacklisting (antivirus), sandboxing or other detection-based techniques.
AppGuard IoAs are Used to Identify New Malware
It protects popular applications (Microsoft Office, Office 365, PDFs, Internet Explorer, Chrome, Firefox, etc.) and Virtual Desktop Interface (VDI) platforms. Unlike sandbox-based containment products, AppGuard does not need to be updated in response to application tailoring or application or operating system updates. AppGuard supports integration of embedded roots of trust such as Trusted Platform Module (TPM) and it works with Microsoft DeviceGuard as well as Windows 10 Virtual Secure Mode (VSM). AppGuard is Hypervisor agnostic, can run on any Type-1 Hypervisor supported platform, and supports Microsoft’s Hyper-V and upcoming Windows Azure shielded Virtual Machines with Virtual TPMs in the Microsoft Azure Cloud. It does not disrupt the user experience with legitimate endpoint operations. Based on demand, its underlying technology is adaptable to other modern operating systems, smartphones,