Skip to content
Execution Prevention
BlackFog 4.2 and above offers a new feature called “execution prevention” within the settings. This option provides a new technique for preventing malware execution.
Process Monitoring
Typically, organizations and previous editions of BlackFog utilized a whitelisting approach, whereby execution of rogue malware was prevented by blocking execution in specific directories such as temporary folders or application data directories. Whilst very effective at preventing malware, the downside was that many legitimate applications often used these locations as well. Even though this is against guidelines, companies such as Google and Microsoft’s own applications sometimes used this method, meaning that when you installed a new application that used these directories you had to whitelist the files. Users found this to be invasive so we decided to develop a new approach.
We have eliminated whitelisting in favor of process monitoring and application validation. This is a behavioral technique for detecting malicious activity. The principle behind this technique is that malware often masquerades as other applications, spawns from system processes and executes in certain ways. In these scenarios we introspect all of the processes to see if they are being hijacked, replicated or simply spoofed. As with the data exfiltration rules, this is done in real-time.
Reducing False Positives
Ultimately this will lead to less false positives and ensure more accurate protection than whitelisting can ever provide. In addition, this will protect execution across the entire device rather than specific directories.
Share This Story, Choose Your Platform!
Related Posts
AI Data Exfiltration: The Next Frontier Of Cybercrime
How are cybercriminals using AI data exfiltration to enhance their ransomware attacks and what must businesses do to counter these threats?
5 Enterprise Use Cases Where AI Privacy Concerns Must Be Addressed
AI privacy concerns are rising with AI adoption - five use cases highlight the key issues businesses must consider.
What AI Management Really Means For The Enterprise
Ongoing AI management is essential in maintaining compliance in a challenging environment. Here's what businesses need to consider.
AI Security Risks Every Business Must Know About
AI Security Risks are growing as AI embeds in business. What key threats must firms address to stay compliant with data regulations?
Who’s Really In Charge? Why AI Governance Is Now A Business Imperative
Find out why a strong AI governance program will be essential if enterprises are to make the best use of the highly in-demand technology.
AI Compliance: A Roadmap For Addressing Risk And Building Trust
AI compliance is set to be a major focus for businesses in the coming year. Here's what you need to know to make this as easy as possible.