New forms of attack are constantly being developed, and relying solely on signature-based security is no protection against the many new virus variants or against the sheer volume of new malware types. StormShield’s integrated Host Intrusion Protection System (HIPS) complements the integrated signature-based anti-virus/anti-spyware service and addresses this challenge through a unique combination of proactive methods to combat unknown attacks:

System Hardening | Intrusion Prevention | Behavioral analysis | Rule-Based Protection

Behavioral Analysis for proactive defense

Known threats are not all that IT must worry about. New attacks are designed to thwart known defenses and exploit new software vulnerabilities. Leaning completely on traditional security measures that rely upon signatures or heuristics, you cannot stop a new attack until it is known and understood or unless it behaves in a predictable manner. Signature-based protection can help to identify the attack but cannot protect you from the sheer volume of malware types and variants. A slight variation of a known attack could easily slip by signature-based defenses.

StormShield addresses the issue of zero-day exploits and unknown malware by analyzing behaviors, rather than relying complete on a signature-based security service. The StormShield solution utilizes a “learning mode” to monitor the critical system calls performed by each application and develop a system profile, which is then used as a baseline for anomaly detection. In other words, StormShield dynamically and autonomously generates a portion of its own knowledge base, adapting to each application’s behavior. Combining these learned profiles and system expert rules, StormShield detects abnormal sequences of system calls that are indicative of an attack.

Behavioral analysis protects you by:

• Ensuring system integrity
• Stopping zero-day attacks
• Protecting against stealthy attacks
• Detecting and halting of abnormal process behaviors
• Defeating attempts to hijack applications