A single layer of defense is not sufficient for today's ever-evolving threat landscape. All endpoint products are capable of detecting malware before execution, during execution, and after execution. An additional layer can be implemented in the form of cloud sandbox analysis with ESET Dynamic Threat Defense. By not focusing only on a specific part of the malware lifecycle, ESET can provide the highest level of protection possible.

ESET File Security solutions are managed by a single pane-of-glass that can be installed on Windows or Linux. In addition to installation, ESET offers a virtual appliance that can be easily imported for quick and easy setup.
Machine Learning
All ESET Endpoint products currently use machine learning in conjunction with all of our other layers of defense, and have been doing so since 1997. Specifically, machine learning is used in the form of consolidated output and neural networks.
Use Cases
PROBLEM
Some companies want additional assurance that they are protected from ransomware attacks. They also want to ensure that their network drives are not encrypted.
- Network Attack Protection is able to prevent ransomware from ever infecting a system by stopping exploits at the network layer.
- Our layered defense has an in-product sandbox capable of detecting malware that attempts to evade detection through obfuscation.
- Use ESET's cloud malware protection to automatically protect against new threats without having to wait for the next detection update. The typical response time is 20 minutes.
- All products include post-execution protection in the form of Ransomware Shield to ensure organizations are protected from malicious file encryption.
The ESET Difference
Behavior-based detection - HIPS
ESET's Host-based Intrusion Prevention System (HIPS) monitors system activity and uses a predefined set of rules to detect and stop suspicious system behavior.
Ransomware Protection
An additional layer that protects users from ransomware. Our technology monitors and evaluates all running applications based on their behavior and reputation. It is designed to detect and block processes that resemble ransomware behavior.
Network Attack Protection
ESET Network Attack Protection improves the detection of known network-level vulnerabilities. It provides another important layer of protection against malware proliferation, network-driven attacks, and exploitation of vulnerabilities for which a patch has not yet been published or deployed.
Botnet Protection
ESET Botnet Protection detects malicious communications used by botnets while identifying the attacking processes. Any malicious communication detected is blocked and reported to the user.
Office 365 OneDrive storage
Once enrolled on a single server, ESET can scan OneDrive to reveal and monitor the trusted source of corporate storage.
Optional Cloud Sandbox Analysis
ESET Dynamic Threat Defense adds another layer of security to ESET File Security solutions by using cloud-based sandboxing technology to detect new, never-before-seen types of threats.
AMSI/Protected Service Support
ESET products leverage the Antimalware Scan Interface (AMSI) to provide advanced malware protection for users, data, applications and workloads. Additionally, they leverage the Protected Service Interface, a new security module built into Windows that only allows trusted, signed code to be loaded and better protects against code injection attacks.
Unmatched Performance
ESET products continue to excel in performance, winning third-party tests that prove how light our endpoints are on systems. ESET File Security solutions are based on a 64-bit core and include DLL modules that save more memory, enable faster computer boot times and allow native support for future Windows updates.
ESET cutting-edge technology
Continuous development of leading protection.
Our global research labs drive the development of ESET's unique technology
ESET uses multi-layered technologies that go far beyond the capabilities of simple antivirus protection. The figure below shows various core ESET technologies and an approximate idea of when and how they can detect and/or block a threat during its lifecycle in the system.
ESET is the first Internet security vendor to integrate a special layer of Unified Extensible Firmware Interface (UEFI) protection into its solution. ESET UEFI Scanner checks and enforces the security of the pre-boot environment compliant with the UEFI specification. It is designed to detect malicious components in firmware and report them to the user.
DNA detections
Detection types range from very specific hashes to ESET DNA detections, which are complex definitions of malicious behavior and malware characteristics.
While malicious code can be easily modified or obfuscated by attackers, object behavior is not so easily changed, and ESET DNA detections are designed to take advantage of this principle.
ESET has developed an in-house machine learning engine called ESET Augur. It uses the combined power of neural networks (such as Deep Learning and long-term memory) and a hand-picked set of six classification algorithms. This allows it to generate a consolidated output and help correctly flag the incoming sample as clean, potentially unwanted or malicious.
Cloud Malware Protection System
The ESET Cloud Malware Protection System is one of several technologies based on ESET's LiveGrid® cloud system. Unknown, potentially malicious applications and other potential threats are monitored and communicated to the ESET Cloud via the ESET LiveGrid® Feedback System.
When scanning a file or URL, our products check the local cache for known malicious or whitelisted benign objects before scanning. This improves scanning performance.
Next, our ESET LiveGrid® Reputation System queries for the object's reputation (i.e., whether the object has already been seen elsewhere and classified as malicious). This improves scanning efficiency and enables faster sharing of malware information with our customers.
Behavioral detection and blocking - HIPS
ESET's Host-based Intrusion Prevention System (HIPS) monitors system activity and uses a predefined set of rules to detect suspicious system behavior. When this type of activity is identified, the HIPS self-defense mechanism stops the attacking program or process from performing potentially harmful activities.
Today's malware is often highly obfuscated and attempts to evade detection as much as possible. To see through this and identify the actual behavior hiding beneath the surface, we use in-product sandboxing. Using this technology, ESET solutions emulate various components of computer hardware and software to run a suspicious sample in an isolated, virtualized environment.
Advanced Memory Scanner
Advanced Memory Scanner is a unique ESET technology that effectively addresses a major problem of modern malware - the heavy use of obfuscation and/or encryption. To address these issues, Advanced Memory Scanner monitors the behavior of a malicious process and scans it as soon as it exposes itself in memory.
Exploit Blocker typically monitors exploitable applications (browsers, document readers, email clients, Flash, Java, etc.) and does not just target specific CVE identifiers, but focuses on exploitation techniques. When triggered, the behavior of the process is analyzed, and if it is deemed suspicious, the threat can be immediately blocked on the machine.
Ransomware Protection
ESET Ransomware Shield is an additional layer that protects users from ransomware. This technology monitors and evaluates all running applications based on their behavior and reputation. It is designed to detect and block processes that resemble the behavior of ransomware.
Network Attack Protection is an extension of firewall technology and improves the detection of known network-level vulnerabilities. It provides another important layer of protection against malware proliferation, network-managed attacks, and exploitation of vulnerabilities for which a patch has not yet been released or deployed.
Botnet Protection
ESET Botnet Protection detects malicious communications used by botnets while identifying the attacking processes. Any malicious communication detected is blocked and reported to the user.