Traps Endpoint Security Manager Administrator's Guide
    : Default Protection Policy
    Focus
    Focus
    1. Home
    2. Traps
    3. Traps Endpoint Security Manager Administrator's Guide
    4. Getting Started with Rules
    5. Endpoint Policy Rule Concepts
    6. Default Protection Policy

    Traps Endpoint Security Manager Administrator's Guide

    Default Protection Policy

    Table of Contents

    Default Protection Policy

    The Endpoint Security Manger is preconfigured with a default security policy which contains a curated set of Malware Protection Rules and Exploit Protection Rules. This default security policy automatically protect your endpoints from common software vulnerabilities, exploits, and malware techniques without requiring additional configuration.
    The following table describes the protection modules and the default configuration provided in content update version 13. When configuring new rules, you can override the settings to meet the requirements of your organization’s security policy.
    Module
    OS
    Enabled by Default?
    Mode
    User Alert
    Malware Protection Modules
    Child Process Protection
    Windows
    Prevention
    On
    Gatekeeper Enhancement
    Mac
    Prevention
    On
    Anti-Ransomware Protection
    Windows
    Prevention
    On
    Exploit Protection Modules
    Brute Force Protection
    Linux
    Prevention
    CPL Protection
    Windows
    Prevention
    On
    DEP
    Windows
    Prevention
    On
    DLL Security
    Windows
    Prevention
    On
    DLL-Hijacking Protection
    Windows
    Prevention
    On
    Dylib-Hijacking Protection
    Mac
    Prevention
    On
    Exception Heap Spray Check
    Windows
    Prevention
    On
    Exploit Kit Fingerprinting Protection
    Windows
    Prevention
    On
    Font Protection
    Windows
    Prevention
    On
    Hot Patch Protection
    Windows
    Prevention
    On
    JIT Mitigation
    Windows and Mac
    Prevention
    On
    Kernel APC Protection
    Windows
    Prevention
    Off
    Kernel Privilege Escalation Protection
    Windows, Mac, Linux
    Prevention
    On (Windows and Mac only)
    Library Preallocation
    Windows
    Prevention
    On
    Memory Limit Heap Spray Check
    Windows
    Prevention
    On
    Null Dereference Protection
    Windows
    Prevention
    On
    ROP Mitigation
    Windows, Mac, Linux
    Prevention
    On (Windows and Mac only)
    SEH Protection
    Windows
    Prevention
    On
    Shellcode Preallocation
    Windows
    Prevention
    On
    Shellcode Protection
    Linux
    Prevention
    ShellLink Protection
    Windows
    Prevention
    On
    SysExit
    Windows
    Prevention
    On
    UASLR
    Windows
    Prevention
    On

    © 2024 Palo Alto Networks, Inc. All rights reserved.