Malicious files, known as malware, are often disguised
as or embedded in non-malicious files. These files can attempt to
gain control, gather sensitive information, or disrupt the normal
operations of the system.
Traps prevents malware by reducing the attack surface and increasing
the accuracy of malware detection. This approach combines several
layers of protection, collectively known as the
. Using the following combination of mitigation techniques,
the Malware Prevention Engine can automatically prevent malicious
and unknown executable files—including Microsoft Windows screensaver
files (.scr) and Mac object files (Mach-os)—DLLs, and macros from
running and, when unable to prevent, halt malicious behavior:
—Enables automatic detection
of known malware and analysis of unknown malware to prevents threats
quickly before an enterprise is compromised.
DLL file protection
—Enables you to block known and
unknown DLLs on Windows endpoints.
Office file protection
—Enables you to block known
and unknown macros when run from Microsoft Office files on Windows
Evaluation of trusted signers
—Permits unknown files
that are signed by trusted signers to run on the endpoint.
Local static analysis
—Enables Traps to use machine
learning to analyze unknown files and issue a verdict. Traps uses
the verdict returned by the local analysis module until it receives a
verdict from the ESM Server.
Malware protection modules
—Targets specific malware
behaviors such as from ransomware and enables you to block the creation
of child processes.
—Enables you to block files
from executing from specific local folders, network folders, or
external media locations.