![Execution Prevention Execution Prevention](https://privacy.blackfog.com/wp-content/uploads/2019/12/ExecutionPrevention.png)
BlackFog 4.2 offers a new feature called “execution prevention” within the settings. This option provides a new technique for preventing malware execution.
Typically, organizations and previous editions of BlackFog utilized a whitelisting approach, whereby execution of rogue malware was prevented by blocking execution in specific directories such as temporary folders or application data directories. Whilst very effective at preventing malware, the downside was that many legitimate applications often used these locations as well. Even though this is against guidelines, companies such as Google and Microsoft’s own applications sometimes used this method, meaning that when you installed a new application that used these directories you had to whitelist the files. Users found this to be invasive so we decided to develop a new approach.
We have eliminated whitelisting in favor of process monitoring and application validation. This is a behavioral technique for detecting malicious activity. The principle behind this technique is that malware often masquerades as other applications, spawns from system processes and executes in certain ways. In these scenarios we introspect all of the processes to see if they are being hijacked, replicated or simply spoofed. As with the data exfiltration rules, this is done in real-time.
Ultimately this will lead to less false positives and ensure more accurate protection than whitelisting can ever provide. In addition, this will protect execution across the entire device rather than specific directories.
Related Posts
BlackFog Strengthens Leadership Team with Strategic Appointments
BlackFog strengthens leadership and the next stage of growth with Brenda Robb as President, John Sarantakes as CRO, and Mark Griffith as VP of Strategic Sales.
The CrowdStrike Incident: A Global IT Meltdown
Discover how the recent CrowdStrike incident caused a global IT meltdown, affecting thousands of businesses. Learn about the event timeline, its impact, and how BlackFog's advanced practices can help prevent such risks. Stay informed and protect your business from future cybersecurity threats.
6 Essential Ransomware Prevention Steps Every Firm Must Take in 2024
What essential ransomware prevention steps must businesses take as the scale of this threat continues to rise?
Data Protection vs Data Security: The key Differences to Know
Are you aware of the difference between data protection and data security? Here's what you know to keep your data safe.
The State of Ransomware 2024
BlackFog's state of ransomware report measures publicly disclosed and non-disclosed attacks globally.
Understanding Data Privacy and Security: How do they Relate?
Data privacy and security are critical topics for any business to focus on in today's environment. The rising costs of cyberattacks and other threats mean a clear strategy for safeguarding sensitive data is more important than ever before.