Proactive Defense
The "OSPD" (Online Solutions Proactive Defense) proactive security system ensures the integrity of the software environment and blocks the activity of known and unknown malicious code in advance.
The security core comprises several technological approaches: HIPS, SandBox, AntiRootkit, AntiSpyware and an antivirus.
The "OSPD" system protects the user’s computer from unknown viruses and Trojan horses using the advantages of behavioral analysis technology, but is not limited to it. The behavioral method is based on analyzing what exactly applications do in the system: some actions may be legitimate and harmless on their own, but their combination in a certain sequence can explicitly point to malicious intent.
*** The product will be released as a part of "OSSS" (Online Solutions Security Suite)
Functional capabilities:
- The "OSPD" kernel is loaded before all other system drivers and takes control of the system from the very start.
- The combination of a behavioral analysis unit with an antivirus core that supports heuristic analysis and is supplied with a large signature base of modern viruses, network and email worms, Trojan horses, adware, spyware, dialers and rootkits allows you to prevent known (or similar to known) malicious code from appearing and being executed on the user’s system.
- The solution interacts with the operating system at the lowest level. Malicious code can be hooked at several levels to prevent it from bypassing parts of the defense system.
- Permanent analysis of CPU tables and the structures of the OS kernel. Control of integrity of kernel-mode system modules. Suppression of low-level hooking attempts used in rootkits. Detection and prevention of kernel-mode code execution by undocumented methods.
- Monitoring of the installation and usage of system services and drivers. Constant monitoring for hidden processes and system drivers.
- Application rules and their flexible configuration options allow you to explicitly restrict the abilities of each program both in terms of interprocess communication and interaction with the operating system. You can create a new rule or a set of rules and assign them to any action. Interprocess communication is monitored and controlled in over 10 different aspects: access to the memory of another process, thread creation in the address space of another process, injection of a new dynamic library, etc. See also integration with a firewall (full control over the system’s network activity).
- Control of integrity of all applications that have rules assigned to them. Automatic scanning of suspicious applications for known viruses.
- "OSPD" provides extensive monitoring capabilities and allows you to change the OS parameters that relate to the operation (explicit and implicit) of malicious code. That is why the treatment of an infected computer is possible both in automatic and manual modes (using an expert’s help) if the system was infected before proactive defense was installed.
- Control over registry-related operations: autorun, system parameters and security policies.
- Control over the installation and use of ActiveX objects and browser extensions (BHO).
- Warnings about sites with unwanted content and their blocking during web browsing.
- Prevention of known malicious activities: modification of executable files, saving of network-based virus loaders, DNS changes, modification of Internet Explorer parameters.
- Scanning of your hard drive, memory and any objects (upon user’s request) for known viruses. Analysis of suspicious objects in the system.
- Control over the integrity of its own kernel and over access to it and all of its components. Protection of internal data structures and of communication between their separate parts.
- Event logging system. The system allows you to analyze the actions of specific applications in the system.