Advanced Endpoint Protection Traps

Advanced Endpoint Protection Traps is a better solution than traditional antivirus. AEP traps has a multi-method prevention approach that secures endpoints against known and unknown malware and exploits before they can compromise a system. Traps prevents security breaches and successful ransomware attacks, in contrast to detection and response after critical assets have been compromised.

In the chain from preventative to compensatory, AEP traps is a preventative control. And as the introduction explains, AEP traps are better than a Anti-virus when it comes down to avoid attacks in a very early stage.

Preventative Detective Corrective Compensatory
Security Awareness Training System Monitoring OS Upgrade Backup Generator
Firewall IDS Backup Data Restoral Hot Site
AEP TRAP / Anti-virus Anti-Virus Anti-Virus Server Isolation
Security Guard Motion Detector Vulnerability Mitigation

How it conceptually works

Traps focuses on the exploitation techniques used by all exploit-based attacks rather than focussing of a lot of used attacks. Each exploit must use a series of these exploitation techniques to successfully manipulate an application. Traps renders these techniques ineffective by blocking them the moment they are attempted. Traps delivers comprehensive exploit prevention using multiple methods:

  • Pre-Exploitation Protection: Traps prevents vulnerability-profiling techniques used by exploit kits prior to launching an exploitation attack.
  • Technique-Based Exploit Prevention: Traps prevents both known and zero-day exploits by blocking the exploitation techniques attackers use to manipulate applications.
  • Kernel Exploitation Protection: Traps prevents exploits that leverage vulnerabilities in the operating system kernel to create processes with escalated (system-level)privileges.

Read more about AEP trap at:Palo Alto Networks. or read about: Security controls. Or another security related matter is reading about NIST Computer Security Publications – NIST Special Publications (SPs).