4.2 (EoS)
About Traps
Cyberattacks are attacks performed on networks or endpoints
to inflict damage, steal information, or achieve other goals that
involve taking control over computer systems that do not belong
to the attackers. Adversaries perpetrate cyberattacks either by
causing a user to unintentionally run a malicious executable file
or by exploiting a weakness in a legitimate executable file to run
malicious code behind the scenes without the knowledge of the user.
One way to prevent these attacks is to identify executable files,
dynamic-link libraries (DLLs), or other pieces of code as malicious
and then prevent them from executing by testing each potentially
dangerous code module against a list of specific, known threat signatures.
The weakness of this method is that it is time-consuming for signature-based
antivirus (AV) solutions to identify newly created threats that
are known only to the attacker (also known as zero-day attacks or
exploits) and add them to the lists of known threats, which leaves endpoints
vulnerable until signatures are updated.
The Traps solution takes a more effective and efficient approach
to preventing attacks, thus eliminating the need for traditional
AV. Rather than try to keep up with the ever-growing list of known
threats, Traps sets up a series of roadblocks that
prevent the attacks at their initial entry points—that point where
legitimate executable files are about to unknowingly allow malicious
access to the system.
Traps uses exploit prevention techniques to target software vulnerabilities
in processes that open non-executable files. Traps
also uses malware prevention techniques to prevent malicious executable
files from running. Using this two-fold approach, the Traps solution
can prevent all types of attacks, whether they are known or unknown
threats.
All aspects of endpoint security settings (the endpoints and groups
to which settings are applied, the applications they protect, the
defined rules, the restrictions, and the actions) are highly
configurable. This allows each organization to tailor Traps to its
needs so that Traps can provide maximum protection with minimal
disruption of day-to-day activities.