All of the blocks will be logged on our server, so that will help me to refine the contextual engine rules even more. Please let me know if you experience any unwanted blocks or are able to figure out a bypass. The two most significant keys to solving cybersecurity are contextual engines and dynamic security postures. I tried to keep the new options as simple as possible, for example, the Anti-Malware and Anti-Exploit Contextual Engine option also handles scripts, LOLBins, etc. You will find the new Pro features on the DefenderGuard tab, and they are active but not user adjustable yet, but they will be soon. Trust me, it does, and this is just one example. For example, some people think that not knowing the parent process in an attack chain does not matter. And really, the whole idea behind this new feature is that context means EVERYTHING in cybersecurity. It might take a month or so to fine tune everything, but I think was are in amazing shape, and fine tuning will be super easy.Īnd actually, I have to admit, the first couple days of working on this new feature was so incredibly difficult and mind boggling, I almost gave up, thinking it was not possible. Wow, that was a long time ago… VoodooShield ?īut this new Anti-Malware and Anti-Exploit Contextual Engine tech is on an entirely different level, and it looks like it is going to work out extremely well. Obviously it is possible since many products have adopted that tech now. When I first created the original VS anti-exploit mechanism while I was on wilders, CET told me that one of our competitors told him it was not possible. It is similar to the VS anti-exploit mechanism, but utilizes a lot less code and should reduce unwanted blocks even further, while maintaining an even more robust security posture. So if you prefer slightly more robust protection, you can run VS and DefenderUI Free.Īlthough ultimately (assuming things work out as planned), both DefenderUI and VS will have the same Anti-Malware and Anti-Exploit Contextual Engine, which is the main new feature I have been working on. DefenderUI Pro is not going to be compatible with VS since they offer a lot of the same protections. Here is the first DefenderUI Pro version.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |