Video presentation: Power of the Plus

In the video, Karl Ackerman, Sophos Principal Product Manager, explains the individual security features in the Sophos AV products and in Intercept X 2.0 EAP.

He then demonstrates how the individual security features respond to different kinds of attempted attacks on a Win10 system running Central Endpoint Advanced and Intercept X 2.0 EAP, which already includes machine learning.

  • Attack Surface Controls (CEA) - Device, Web and Application Control
  • Web Protect (CES/CEA) - Malicious file download
  • Heuristics/Signature Scans (CES/CEA) - Malicious file on disk
  • ML Pre-execute scans (CIX) - ML Detection of existing Malware/PUA and zero day malware
  • Runtime memory scans triggered by suspect behavior (HIPS) (CES/CEA) - Memory scan to detect malware
  • Runtime behavior pattern lockdown (CIX) - Prohibited behavior for browser/HTA application
  • Anti-Exploit (CIX) - Code Cave
  • Active Adversary (CIX) - Priv Escalate, Cred Theft
  • Root Cause Analysis (CIX) - Behavior Lockdown, Malicious file scan
CEA - Central Endpoint Advanced, CES - Central Endpoint Standard, CIX - Central Intercept X, ML - Machine Learning