Endgame Exploit Prevention Technology Achieves 96% Detection of Broad Classes of Advanced Attacks
Endgame HA-CFI proven significantly more effective compared to industry standard Microsoft EMET, which achieved only 83% detection
ARLINGTON, VA -- AUGUST 3, 2016 -- Endgame, a leading provider of endpoint security solutions to hunt advanced adversaries, announced testing results of its novel hardware assisted exploit prevention technology (HA-CFI) at Black Hat USA 2016. HA-CFI, the first solution of its kind, achieved 96% detection in a rigorous internal test that included 68 unique exploits. By comparison, Microsoft EMET, the most widely-used host exploit prevention technology, achieved only 83% detection. HA-CFI, integrated with Endgame’s Hunt platform, will provide analysts with immediate detection of known and never-before-seen attacks, eliminating the cost and time associated with incident response.
Endgame HA-CFI monitors program execution in real-time and prevents attacks on endpoints before damage and loss of critical assets, earlier than any product available in the industry. This technology is part of a multi-layer set of capabilities that protect against exploitation of broad classes of vulnerabilities and adversary techniques, including heap-overflows, use-after-frees, and return oriented programming. Endgame deployed a very rigorous internal test for both HA-CFI and Microsoft EMET against a broad class of vulnerabilities, including Metasploit and in-the-wild samples. The testing spanned dozens of common vulnerabilities and exposures (CVEs) and several vulnerability classes and exploit techniques across multiple years.
HA-CFI technology is integrated with Endgame’s end-to-end Hunt platform, which provides enterprises with early detection and eviction of known and never-before-seen threats at all stages of the kill chain. To learn more about this technology, stop by for a demo at Booth #1554 at Black Hat USA, or attend Endgame’s Black Hat presentation on CFI on Wednesday, August 3rd at 10:20am.
Endgame is a leading provider of endpoint security solutions that enable enterprises to close the protection gap against advanced adversaries prevent advanced attacks and detect and eliminate resident [or ongoing] attacks. The Endgame platform empowers hunt teams, incident responders, and security analysts to conduct an end-to-end hunt mission, significantly reducing the time to detect and contain adversaries. Our IOC-independent platform covers the entire kill chain, leveraging machine learning and data science to uncover, in real-time, unique attacks that evade traditional defenses and respond precisely without disrupting normal business operations. For more information, visit www.endgame.com and follow us on Twitter@EndgameInc.