ESET Deep Behavioral Inspection enables deeper monitoring of unknown & suspicious processes
2020-02-24
香港
ESET Deep Behavioral Inspection enables deeper monitoring of unknown & suspicious processes
BRATISLAVA, February 25, 2020 - Today, ESET released a white paper focusing on ESET Deep Behavioral Inspection (DBI) – the latest enhancement of the system specifically designed to perform advanced behavioral analysis and detection known as ESET Host-based Intrusion Prevention System (HIPS).
“Cyber criminals will go to great lengths to achieve their ultimate goal –stealing information, computing resources or money. Apart from social engineering techniques, they employ technical tricks such as obfuscation, encryption, and process injection, designed to help their code avoid detection by built-in as well as third-party security solutions,”explains ESET Security Awareness Specialist Ondrej Kubovič. “ESET DBI, together with other HIPS modules,represents an important protective layer that can detect and report these tricks and thus block malicious activity on the targeted system,”he adds.
Deep Behavioral Inspection,as one of the latest technological additions to the ESET HIPS framework,can be found in the latest edition of ESET products for both home and business users. DBI includes new detection heuristics and enables an even deeper user-mode monitoring of unknown,suspicious processes. This is accomplished via hooks created by DBI within unknown, potentially harmful processes and monitoring of their activity and requests to the operating system. If malicious behavior is detected, DBI mitigates the activity and informs the user. If the process is suspicious, but does not show clear signs of malicious behavior, HIPS can also use the data gathered by DBI to run further analysis via its other modules.
ESET Host-based Intrusion Prevention System is a detection technology specifically created to monitor and scan behavioral events from running processes, files and registry keys,looking for suspicious activity. It focuses on a variety of malicious behaviors used either to wreak havoc on a victim’s device or to avoid detection by security solutions. The list of HIPS modules includes:
- Advanced Memory Scanner (AMS)
- Exploit Blocker (EB)
- Ransomware Shield(RS)
- Deep Behavioral Inspection (DBI)
(Image below: Schematic of how DBI fits into the existing HIPS process monitoring layer)
For more details on the inner workings of ESET HIPS read the latest white paper, “ESET Deep Behavioral Inspection” on https://www.welivesecurity.com/. Make sure to follow ESET research on Twitter for the latest news from ESET Research.
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defences in realtime to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centres worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information, visit https://www.eset.hk/ or follow us on Facebook.
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defences in realtime to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centres worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information, visit https://www.eset.hk/ or follow us on Facebook.
