Risk Reduction, has a ton of features that are applied globally to the machine.
- CryptoGuard, protection against crypto-ransomware attacks.
- Wipeguard, protects the MBR/VBR from being overwritten.
- Credential Theft Protection, protects against attempts to steal credentials from Windows (LSASS/SAM) and Chromium Browsers (cookies/auth tokens).
- Remote desktop Lockdown, can add a '2FA/Token' to your Remote machine so that an attacker with stolen credentials cannot introduce new code to the machine.
- Process Protection, a wide range of protections added to processes.
- Hollow Process mitigation, prevents process unmapping.
- Local Privilege mitigation, prevents insertion of auth. tokens.
- Code Cave mitigation, stops backdoors in trusted code.
- Heap Heap protect, stops post-exploitation payload injection.
- Asynchronous Procedure Calls, stops code injection via APC.
- DLL Hijacking, gives priority to system libraries.
- CTF Guard, validates CTF protocol caller.
- Unexpected system calls, stops evasion of security hooks.
- Webcam notifier, warns when the webcam is used.
- Keystroke encryption, protects against keyloggers.
- Vaccination, stops sandbox-aware malware.
- BadUSB, stops malicious USB devices e.g. evil maid attack.
Comments
0 comments
Article is closed for comments.