Palo Alto Networks, the next-generation security company, has announced enhancements to its Traps advanced endpoint protection offering that strengthen its malware and exploit prevention capabilities and extend support to more operating systems, including macOS and Android (beta).
A verified AV-replacement for organizations subject to HIPAA regulations or PCI DSS standards, Traps employs a multi-method prevention approach to blocking both known and unknown malware as well as exploits before they compromise endpoints.
Despite increased investment in endpoint security, cyber adversaries continue to compromise endpoints at a rate that outpaces organizational investments. Legacy and next-generation AV point products have made attempts to close this gap, but they have merely replaced one ineffective malware detection method with another without significantly advancing their ability to identify and prevent exploits and unknown malware.
The enhancements announced today as part of Traps version 4.0 address these challenges, with the addition of support for macOS and Android (beta), plus several new prevention modules designed to detect and stop ransomware and other advanced threats.
In addition, when implemented in conjunction with other elements of the Palo Alto Networks Next-Generation Security Platform, customers can now correlate endpoint and network security events and threat intelligence information via Panorama™ network security management to mitigate the risk of cyber breaches across endpoints, firewalls, cloud and SaaS applications.
Key advancements introduced include:
- Support for macOS and Android (beta): Traps now secures macOS systems, replacing legacy AV with a multi-method approach to prevention. Protection for Android devices is also available via a community access beta program.
- Protection from malicious macros: Prevent the macro-based attacks often used by ransomware and other advanced threats by preemptively blocking known and unknown malicious macros embedded in Microsoft Office documents.
- Prevention of script-based attacks: Prevent vulnerable processes like browsers and Office applications from launching sensitive tools like PowerShell and scripting engines.
- Exploit kit fingerprint protection: Disrupt attacker attempts to identify and target vulnerable endpoints by blocking their profiling tools.
- Kernel privilege escalation protection: Block advanced attacks targeting the operating system itself.