
BlackFog 4.2 offers a new feature called “execution prevention” within the settings. This option provides a new technique for preventing malware execution.
Typically, organizations and previous editions of BlackFog used a whitelisting approach, in which rogue malware was stopped by blocking execution in specific directories such as temporary folders or application data directories. Whilst very effective at preventing malware, the downside was that many legitimate applications also used these locations. Even though this is against guidelines, applications from companies such as Google, and even Microsoft's own, sometimes used this method, meaning that when you installed a new application that used these directories you had to whitelist its files. Users found this invasive, so we decided to develop a new approach.
We have eliminated whitelisting in favor of process monitoring and application validation. This is a behavioral technique for detecting malicious activity. The principle behind it is that malware often masquerades as other applications, spawns from system processes and executes in certain ways. In these scenarios we introspect all of the processes to see whether they are being hijacked, replicated or simply spoofed. As with the data exfiltration rules, this is done in real time.
Ultimately this will lead to fewer false positives and ensure more accurate protection than whitelisting can ever provide. In addition, it protects execution across the entire device rather than only in specific directories.
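To make the idea of process validation concrete, here is an added example (not BlackFog's code or detection logic) that checks a process snapshot for system binary names running from the wrong directory or under the wrong parent. The rule table uses well-known Windows defaults; the event fields, user name and sample events are constructed assumptions.

```python
import ntpath

# Expected directory and parent for a few Windows system binaries
# (well-known defaults; a real product would validate far more than this).
EXPECTED = {
    "svchost.exe": (r"c:\windows\system32", "services.exe"),
    "services.exe": (r"c:\windows\system32", "wininit.exe"),
    "lsass.exe": (r"c:\windows\system32", "wininit.exe"),
}

# Constructed sample snapshot: pid, parent pid, full image path.
SAMPLE_EVENTS = [
    {"pid": 600, "ppid": 500, "image": r"C:\Windows\System32\wininit.exe"},
    {"pid": 700, "ppid": 600, "image": r"C:\Windows\System32\services.exe"},
    {"pid": 720, "ppid": 600, "image": r"C:\Windows\System32\lsass.exe"},
    {"pid": 900, "ppid": 700, "image": r"C:\Windows\System32\svchost.exe"},
    {"pid": 4100, "ppid": 3000,
     "image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"},
    {"pid": 4200, "ppid": 4100,
     "image": r"C:\Users\alice\AppData\Local\Temp\svchost.exe"},
    {"pid": 4300, "ppid": 4100, "image": r"C:\Windows\System32\svchost.exe"},
]

def validate(events):
    """Return {pid: [findings]} for processes that fail validation."""
    by_pid = {e["pid"]: e for e in events}
    findings = {}
    for e in events:
        directory, name = ntpath.split(e["image"].lower())
        if name not in EXPECTED:
            continue  # only binaries with a known baseline are validated here
        exp_dir, exp_parent = EXPECTED[name]
        issues = []
        if directory != exp_dir:
            issues.append(f"masquerade: {name} running from {directory}")
        # A parent missing from the snapshot is reported, not assumed benign.
        parent = by_pid.get(e["ppid"])
        parent_name = ntpath.basename(parent["image"].lower()) if parent else "<unknown>"
        if parent_name != exp_parent:
            issues.append(f"unexpected parent: {parent_name} (expected {exp_parent})")
        if issues:
            findings[e["pid"]] = issues
    return findings

if __name__ == "__main__":
    for pid, issues in validate(SAMPLE_EVENTS).items():
        print(pid, issues)
```

Unlike a directory block rule, the check on pid 4300 fires even though the image sits in a trusted location, because the parent relationship does not match the baseline.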