Phase 1: Prevention Event Triggered

When an attacker attempts to exploit a software vulnerability, the Traps protection modules spring into action to halt malicious process behavior and ultimately block the attack. For example, consider the case where a file tries to access crucial DLL metadata from untrusted code locations. If the DLL Security module is enabled to protect processes in your organization, Traps immediately halts the process attempting to access the DLL metadata. Traps records the event in its event log and notifies the user about the security event. If configured, Traps displays a customized notification message (for more information, see Create a Custom User Alert Message).
After successfully halting an exploit attempt, Traps collects and analyzes data related to the event as described in Phase 2: Automated Analysis.

Recommended For You