Linux Exploit Protection Modules
Table of Contents
4.2 (EoS)
Expand all | Collapse all
-
- Set Up the Endpoint Infrastructure
- Activate Traps Licenses
-
- Endpoint Infrastructure Installation Considerations
- TLS/SSL Encryption for Traps Components
- Configure the MS-SQL Server Database
- Install the Endpoint Security Manager Server Software
- Install the Endpoint Security Manager Console Software
- Manage Proxy Communication with the Endpoint Security Manager
- Load Balance Traffic to ESM Servers
-
- Malware Protection Policy Best Practices
- Malware Protection Flow
- Manage Trusted Signers
-
- Remove an Endpoint from the Health Page
- Install an End-of-Life Traps Agent Version
-
-
- Traps Troubleshooting Resources
- Traps and Endpoint Security Manager Processes
- ESM Tech Support File
-
- Access Cytool
- View the Status of the Agent Using Cytool
- View Processes Currently Protected by Traps Using Cytool
- Manage Logging of Traps Components Using Cytool
- Restore a Quarantined File Using Cytool
- View Statistics for a Protected Process Using Cytool
- View Details About the Traps Local Analysis Module Using Cy...
- View Hash Details About a File Using Cytool
Linux Exploit Protection Modules
Traps for Linux provides advanced exploit protection
from brute force attacks, kernel privilege escalation and other common
techniques.
To combat attackers from leveraging software vulnerabilities
on Linux endpoints, Traps employs the following exploit protection
modules (EPMs):
Name | Type | Description |
|---|---|---|
Brute Force Protection | Application Protection | Prevents attackers from hijacking the process
control flow by monitoring memory layout enumeration attempts. |
Kernel Privilege Escalation Protection | Kernel Protection | Prevents an attacker from using the privilege information
of another process with greater privileges to run a process with
system permissions. |
ROP Mitigation | Application Protection | Protects against the use of return oriented programming
(ROP) by protecting APIs used in ROP chains. |
Shellcode Protection | Application Protection | Reserves and protects certain areas of memory commonly
used to house payloads using heap spray techniques. |