New forms of attack are constantly being developed, and relying solely on signature-based security is no protection against the many new virus variants or against the sheer volume of new malware types. StormShield’s integrated Host Intrusion Protection System (HIPS) complements the integrated signature-based anti-virus/anti-spyware service and addresses this challenge through a unique combination of proactive methods to combat unknown attacks:

System Hardening | Intrusion Prevention | Behavioral analysis | Rule-Based Protection

System Hardening

StormShield automatically safeguards operating system and application processes with detection mechanisms and anomaly blocking; this layer of protection is not based on Access Control Lists, but on generic patterns associated with certain types of attacks. Patterns are defined based on the study of malicious code behavior—for example, how malicious code enters the system and corrupts executables and how it accesses protected information.

StormShield system hardening addresses threats such as memory overflow attacks, keylogging, unauthorized privileges elevation, abnormal system reboots, CPU overuse, code injection, and process attachments. SkyRecon continuously develops new forms of automatic protection (such as rootkit protection) and improving existing protection mechanisms (such as screenshot logging and advanced shellcodes).

StormShield hardens computing systems through:

• Memory overflow prevention
• Keylogging prevention
• Process hijacking and code injection prevention
• Protection of critical system resources, such as CPU usage
• Prevention of non-user initiated reboots
• Stopping of unauthorized elevation of privileges
• Prevention of antivirus software shutdowns
• Advanced rootkit detection