Application Behavior Control
- Restrict legitimate applications and scripts
- Targeted blocking of sub-processes
- Access control of applications to file system and registry
- Regulate permission hierarchies
- Self-learning application behavior
- Restrict file and directory filters
Take Malware Protection to a Higher Level of Security
Application control with predictive whitelisting enables administrators to control the execution of any applications against a list of approved programs. However this protection can still be optimized to prevent file-less malware where attackers use approved Windows default administration or system tools and scripts in so-called “living off the land” attacks. This enhanced prevention significantly reduce the potential threat by restricting the applications behavior through controlled permissions.
Built on DriveLock Application Control, Application Behavior Control provides additional security by controlling application behavior using application permissions. Application permissions add more granular effect and provide better prevention against the possible circumvention of the whitelist.
- Prevent permitted applications from starting further applications (processes or scripts), which could pose potential threats to the system.
- Specify which type of access a particular application is allowed (e.g. reading/writing to files or accessing the registry).
- Provide better protection against “fileless” attacks and block the invocation of certain subordinate processes.