With Intrusion Prevention, can you set up rules that stop rootkits and malware from accessing the kernel?
I want to create a rule setup that provides enhanced anti-tampering, but also should stop rootkits.
NIPS for the network to prevent the exploit, HIPS configured for the local system to prevent spread to the kernel, but it's not a matter of IPS.
You need to holistically harden and have good security operations. IPS is a good layer to prevent an exploit or malicious behaviors... but still not a solution.