Problems it solves
Malware infection via Internet, email, storage devices
High costs
Risk of attacks by hackers
Risk of data loss or damage
Risk of lost access to data and IT systems
Values
Reduce Costs
Ensure Security and Business Continuity
Manage Risks
Trend Micro Endpoint Security
Trend Micro Endpoint Security - Defend against the threats of today and tomorrow with XGen™ security
About Product
Description
Signature-based detection
Traditional signature-based anti-virus and anti-malware offer a high level of protection against known threats in a very computationally efficient way. (The process of matching files against a list of known malware signatures is far less CPU-intensive than the more advanced behavior-based detection techniques.) But with new variants of crypto-ransomware being released every minute, the usefulness of signature-based detection as a standalone security technique is waning. To provide any real value to an enterprise, it must be complemented by a wide range of other techniques. Still, signature-based detection should be a part of a multi-layered security approach, including:
- File and web reputation – Blocks the execution of any files, URLs and websites that match the signature of a known malicious item, but has difficulties with unknown/unrecognized threats (such as polymorphic or packed malware) or attacks originating from a ‘good’ ISP or data center.
- C&C blocking – Examines and shuts down endpoint traffic (over any port) that is attempting to connect to or contact a known command-and-control (C&C) server.
- Script protection – Checks for malicious code or scripts within files attempting to execute on the endpoint (e.g., Office macros, scripts in PDF, PowerShell scripts).
- Injection protection – Blocks processes from injecting code where it shouldn’t be (such as program libraries).
- Suspicious action monitoring – Examines an item as it is loading or running, looking for suspicious behavior in how it interacts with other processes.
- Ransomware protection – Looks for rapid obfuscation/encryption of files by an unknown process, then terminates that process and restores the encrypted files.
- Memory inspection – Evaluates processes running in memory, scanning them for malware (or fragments of recognizable malware) as an item is unpacked into memory. This ensures malware packer tools can’t just obfuscate an older known piece of malware.
- Browser exploit protection – Uses emulation and algorithmic detection technology to protect against exploit code on web pages (e.g., exploits in Java and Flash).
- Host-based firewalls – Protects endpoints on the network using stateful inspection and network virus scanning.
- Exploit protection – Monitors programs that demonstrate abnormal behavior associated with exploit attacks, and uses multiple heuristic analysis techniques to detect exploit code on web pages as users attempt to access them with their browsers.
- Intrusion prevention – Blocks network-based exploits of known vulnerabilities in popular applications and operating systems by using host-based intrusion prevention (HIPS) rules that provide a virtual patch.
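
An added example, not Trend Micro's code or part of the original page: a minimal sketch of the behavioral idea in the ransomware protection item above (rapid encryption of files by an unknown process), covering detection only, not termination or file restore. The event format, thresholds, process names and sample events are constructed assumptions.

```python
import math
from collections import Counter, defaultdict, deque
from hashlib import shake_256

ENTROPY_MIN = 7.5  # bits per byte; assumed threshold (encrypted data is close to 8)
WINDOW_S = 10.0    # assumed sliding window, in seconds
MAX_FILES = 5      # assumed: distinct high-entropy files per window that triggers an alert

def entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def detect(events, known_good=frozenset()):
    """events: (timestamp, process, path, written_bytes) tuples sorted by time.
    Returns {process: timestamp of the write that crossed the threshold}."""
    recent = defaultdict(deque)  # process -> recent high-entropy writes (ts, path)
    alerts = {}
    for ts, proc, path, data in events:
        if proc in known_good or proc in alerts:
            continue  # allow-listed, or already flagged
        if entropy(data) < ENTROPY_MIN:
            continue  # ordinary document content
        q = recent[proc]
        q.append((ts, path))
        while q and ts - q[0][0] > WINDOW_S:
            q.popleft()  # drop writes that fell out of the window
        if len({p for _, p in q}) >= MAX_FILES:
            alerts[proc] = ts
    return alerts

def sample_events():
    """Constructed file-write events; no real telemetry."""
    text = b"Quarterly report draft. " * 200
    ev = [(i * 30.0, "winword.exe", f"C:/docs/report{i}.docx", text) for i in range(6)]
    # Unknown process: 8 files, 0.5 s apart, ciphertext-like bytes
    ev += [(100 + i * 0.5, "unknown.exe", f"C:/docs/file{i}.docx",
            shake_256(bytes([i])).digest(4096)) for i in range(8)]
    # Backup tool: high-entropy archives, but one per minute
    ev += [(200.0 + i * 60, "backup.exe", f"D:/bk/{i}.zip",
            shake_256(b"z" + bytes([i])).digest(4096)) for i in range(6)]
    return sorted(ev, key=lambda e: e[0])

if __name__ == "__main__":
    print(detect(sample_events()))
```

High entropy alone would also flag the slow backup job, which is why the sketch requires both the entropy and the rate condition before alerting.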