When an attacker attempts to exploit a software vulnerability,
the Traps protection modules spring into action to halt malicious
process behavior and ultimately block the attack. For example, consider
the case where a file tries to access crucial DLL metadata from
untrusted code locations. If the DLL Security module is enabled
to protect processes in your organization, Traps immediately halts
the process attempting to access the DLL metadata. Traps records
the event in its event log and notifies the user about the security
event. If configured, Traps displays a customized notification message
(for more information, see Create a Custom User Alert Message).
After successfully halting an exploit attempt, Traps collects
and analyzes data related to the event as described in Phase 2: Automated Analysis.