DriveLock
Application Behavior Control

Application WhitelistingApplication permissions that add more security to application control.

 

Application Behavior Control takes malware protection to an even higher level of security

Application control with predictive whitelisting enables administrators to control the execution of any applications against a list of approved programs. However this protection can still be optimised to prevent fileless malware where attackers use approved Windows default administration or system tools and scripts in so-called "living off the land" attacks. This enhanced prevention significantly reduce the potential threat by restricting the applications behavior through controlled permissions.

Built on DriveLock Application Control, Application Behavior Control provides additional security by controlling application behavior using application permissions. Application permissions add more granular effect and provide better prevention against the possible circumvention of the whitelist.

 

The benefits of DriveLock Application Behavior Control

Advanced anti-malware capabilities for fileless malware (VB script/powershell, macros, etc.)

Prevents bypassing the whitelist by restricting application permissions.

Reduced administration effort through automatic learning of app behavior and app categories

Central configuration and central dashboard

 

Features of the Application Behavior Control

Drivelock Operations Center Reporting Application Control Blocked Applications
  • Restrict legitimate applications and scripts to required actions and permissions
  • Targeted blocking of sub-processes
  • Access control of applications to file system and registry
  • Regulate permission hierarchies
  • Self-learning application behavior
  • Restrict file and directory filters

    Test now
 

Application permissions increase security

  • Prevent permitted applications from starting further applications (processes or scripts), which could pose potential threats to the system.
  • Specify which type of access a particular application is allowed (e.g. reading/writing to files or accessing the registry).
  • Provide better protection against "fileless" attacks and block the invocation of certain subordinate processes.

 

Take a look at individual use cases for deploying Application Behavior Control.

View Use Cases

 

Do you still have questions about Application Behavior Control?

Write to us - we will be happy to answer your questions.

With its security solution, DriveLock is actively involved in the market for more than 15 years. The company with headquarters in Munich, Germany, has become one of the leading IT specialists for IT and data security.

Contact Us

+49 (89) 546 36 49-0

info@drivelock.com

Landsberger Str. 396
81241 Munich, Germany

DriveLock News Service

©2021 DriveLock SE | All rights reserved