Skip to content
Execution Prevention
BlackFog 4.2 and above offers a new feature called “execution prevention” within the settings. This option provides a new technique for preventing malware execution.
Process Monitoring
Typically, organizations and previous editions of BlackFog utilized a whitelisting approach, whereby execution of rogue malware was prevented by blocking execution in specific directories such as temporary folders or application data directories. Whilst very effective at preventing malware, the downside was that many legitimate applications often used these locations as well. Even though this is against guidelines, companies such as Google and Microsoft’s own applications sometimes used this method, meaning that when you installed a new application that used these directories you had to whitelist the files. Users found this to be invasive so we decided to develop a new approach.
We have eliminated whitelisting in favor of process monitoring and application validation. This is a behavioral technique for detecting malicious activity. The principle behind this technique is that malware often masquerades as other applications, spawns from system processes and executes in certain ways. In these scenarios we introspect all of the processes to see if they are being hijacked, replicated or simply spoofed. As with the data exfiltration rules, this is done in real-time.
Reducing False Positives
Ultimately this will lead to less false positives and ensure more accurate protection than whitelisting can ever provide. In addition, this will protect execution across the entire device rather than specific directories.
Share This Story, Choose Your Platform!
Related Posts
BlackFog’s 2025 State of Ransomware Report Reveals 49% Increase in Attacks Year on Year
BlackFog’s 2025 State of Ransomware Report reveals a 49% surge in attacks, AI-driven threats, and why 86% of ransomware incidents go undisclosed.
2025 State of Ransomware Annual Report
BlackFog’s 2025 State of Ransomware Annual Report reveals a 49% surge in attacks, AI-driven threats, and why 86% of ransomware incidents go undisclosed.
The Expanding Role Of AI In Cybersecurity For Enterprises
With cyberattackers increasingly using AI-driven methods, find out why it's more important than ever for businesses to reevaluate the role of AI in cybersecurity.
Putting AI Protection Into Practice Across The Enterprise
The rise of tools like ChatGPT means that AI protection must now be a top priority for every firm. Learn what's involved in ensuring these platforms are used responsibly.
Addressing The AI Cybersecurity Risks Lurking Beneath Everyday Activities
A lack of visibility into how data is being used is one of the biggest AI cybersecurity risks every enterprise has to deal with. Find out why this matters.
AI Cybersecurity Threats Vs Traditional Attacks: What’s Changed?
Understanding what AI cybersecurity threats firms face and how they differ from traditional dangers is now essential for all companies. Here's what you need to know.