Mac Exploit Protection Modules (EPMs)
Table of Contents
4.2 (EoS)
Expand all | Collapse all
-
- Set Up the Endpoint Infrastructure
- Activate Traps Licenses
-
- Endpoint Infrastructure Installation Considerations
- TLS/SSL Encryption for Traps Components
- Configure the MS-SQL Server Database
- Install the Endpoint Security Manager Server Software
- Install the Endpoint Security Manager Console Software
- Manage Proxy Communication with the Endpoint Security Manager
- Load Balance Traffic to ESM Servers
-
- Malware Protection Policy Best Practices
- Malware Protection Flow
- Manage Trusted Signers
-
- Remove an Endpoint from the Health Page
- Install an End-of-Life Traps Agent Version
-
-
- Traps Troubleshooting Resources
- Traps and Endpoint Security Manager Processes
- ESM Tech Support File
-
- Access Cytool
- View the Status of the Agent Using Cytool
- View Processes Currently Protected by Traps Using Cytool
- Manage Logging of Traps Components Using Cytool
- Restore a Quarantined File Using Cytool
- View Statistics for a Protected Process Using Cytool
- View Details About the Traps Local Analysis Module Using Cy...
- View Hash Details About a File Using Cytool
Mac Exploit Protection Modules (EPMs)
To combat attackers from leveraging software vulnerabilities
on Mac endpoints, Traps employs the following exploit protection
modules (EPMs):
Name | Type | Description |
|---|---|---|
Dylib-Hijacking Protection | Application Protection | Prevents Dylib-hijacking attacks where the
attacker attempts to load dynamic libraries from unsecured locations
to gain control of a process. |
JIT Mitigation | Application Protection | Prevents an attacker from bypassing the
operating system's memory mitigations using just-in-time (JIT) compilation
engines. In ninja-mode, you can also configure advanced hooks and
whitelists for this module. |
Kernel Privilege Escalation Protection | Kernel Protection | Prevents an attacker from using the privilege
information of another process with greater privileges to run a
process with system permissions. |
ROP Mitigation | Application Protection | Protects against the use of return oriented
programming (ROP) by protecting APIs used in ROP chains. |