Mac Exploit Protection Modules (EPMs)

To combat attackers from leveraging software vulnerabilities on Mac endpoints, Traps employs the following exploit protection modules (EPMs):
Dylib-Hijacking Protection
Application Protection
Prevents Dylib-hijacking attacks where the attacker attempts to load dynamic libraries from unsecured locations to gain control of a process.
JIT Mitigation
Application Protection
Prevents an attacker from bypassing the operating system's memory mitigations using just-in-time (JIT) compilation engines. In ninja-mode, you can also configure advanced hooks and whitelists for this module.
Kernel Privilege Escalation Protection
Kernel Protection
Prevents an attacker from using the privilege information of another process with greater privileges to run a process with system permissions.
ROP Mitigation
Application Protection
Protects against the use of return oriented programming (ROP) by protecting APIs used in ROP chains.

Related Documentation