New Dynamic Application Containment feature - What's you take on it?

Status
Not open for further replies.
D

Deleted member 178

Majority of the organizations doesn't have any way to prevent patient zero because usually cyber security solutions are working only after execution. Ones that do have the capability has to block everything that is not known. It's very common that these more advanced technologies fail also because malwares can hide it's malicious attributes when ran in virtual image.

Ok, so they use "patient zero" for zero-days malwares.

They say malwares hide their malicious behavior in virtualized environment, which is true.

introduced new innovations Dynamic Application Containment and machine learning capability Real Protect to it's intelligent endpoint security solution.
Dynamic Application Containment allows you to run unknown files in contained mode, but if the file starts to do malicious acts such as encrypt other files or generate new executable files it'll be automatically blocked and you have prevented patient zero without business interruption.

Look like a policy-based sandbox based on "Ai" behavioral algorithms for blocking.
 

vemn

Level 6
Thread author
Verified
Malware Hunter
Well-known
Feb 11, 2017
265
Ok, so they use "patient zero" for zero-days malwares.

They say malwares hide their malicious behavior in virtualized environment, which is true.

Look like a policy-based sandbox based on "Ai" behavioral algorithms for blocking.

Yes it's a policy-based container I think.
Compared to others which are browser-based or "endpoint-sandboxing", this is on app or processes. Is there any other of the same kind?

I think Symantec also launched something similar.

Really curious how these work
 
Status
Not open for further replies.