BLOCK EXPLOITS & MACROS BEFORE THEY RUN
Adversaries often exploit vulnerabilities in commonly used applications, such as Microsoft Office or web browsers to launch a malicious payload and gain a foothold on a system. Most endpoint security products attempt to stop exploits by dynamically inspecting executing code. This prevention technique is too late because it allows an adversary to gain a foothold on an endpoint and bypass existing prevention technologies.
Endgame prevents bypass by blocking exploits before attacker code execution. Unlike any other solution, our patent-pending HA-CFITM and enhanced DBI prevents zero-day exploits before malicious code execution. Our heuristic-based macro prevention blocks malicious macros embedded in commonly targeted applications. Endgame’s exploit and macro prevention technology achieves greater than 99% effectiveness against all active exploit kits and APT samples.
STOP RANSOMWARE ATTACKS
The past year has seen a dramatic increase in the amount and success of ransomware attacks that leverage novel techniques and 0-day exploits to encrypt files and make them inaccessible. Ransomware attacks often evade endpoint defenses, use advanced persistence mechanisms, and do not look like malware, allowing attackers to bypass signature and IOC-based tools. Enterprises must block ransomware activity on a host at runtime before critical data is lost.
Endgame’s behavior-based ransomware prevention blocks ransomware attacks and protects against critical data loss. Our dynamic behavior-based protection monitors all created and active processes to stop ransomware attacks, including BadRabbit, Petya, WannaCry, and Locky.