Panda Adaptive Defense 360 implements technologies to protect network computers against threats capable of leveraging vulnerabilities in installed software. These vulnerabilities can be exploited to cause anomalous behaviors in applications, leading to security failures on customers' networks.
Exploit threats leverage both known and unknown (zero-day) vulnerabilities, triggering a chain of events (CKC, Cyber Kill Chain) that they must follow to compromise systems. Panda Adaptive Defense 360 blocks this chain of events effectively and in real time, neutralizing exploit attacks and rendering them harmless.
In order to achieve these high levels of protection and immediate response, Panda Adaptive Defense 360 implements new hooks in the operating system, using them to locally and continually monitor all actions taken by the processes run on users' computers.
This strategy allows Panda Adaptive Defense 360 to detect the exploit techniques used by hackers, going beyond the traditional approach used by other security products and consisting of searching for patterns and statically detecting CVE-payload pairs through signature files.
In short, Panda Adaptive Defense 360 leverages constantly-evolving technologies to provide global anti-exploit protection against advanced vulnerability exploit techniques such as the following:
- Attack Surface Reduction (ASR)
- Data Execution Prevention (DEP)
- Structured Exception Handling Overwrite Protection (SEHOP)
- Null Page Security Mitigation
- Heap Spray Allocation
- Export Address Table Access Filtering (EAF)
- Mandatory Address Space Layout Randomization (ASLR)
- Bottom-Up ASLR Security Mitigation
- Load Library Check – Return Oriented Programming (ROP)
- Memory Protection Check – Return Oriented Programming (ROP)
- Caller Checks – Return Oriented Programming (ROP)
- Simulate Execution Flow – Return Oriented Programming (ROP)
- Stack Pivot – Return Oriented Programming (ROP)
- Process Doppelgänging