HOST PROTECTION
Attackers use “Living off the land” approach that utilizes trusted off-the-shelf and preinstalled system tools to conduct their attacks. Through the Process and Library Monitoring feature, VSP can successfully prevent fileless, file-based and script-less attacks in real time and prevent execution of such commands.
Process Monitoring feature of VSP protects end-point processes. It collects the profile of an Application Instance at a specific point in time or over a period of time. It also provides an option to import process information from a template. VSP provides two modes of process monitoring – Detect and Protect (Refer Page Monitoring Modes)
Library Monitoring feature monitors a process for all the loaded library files. Any addition to the library files can be detected and pre-configured actions can be automatically taken against the detected incident.