The StormShield Security Suite from the Arkoon Network Security group again demonstrated its advanced technology by proactively blocking (without the requirement for any updates) the latest identified vulnerabilities in Java and Microsoft Internet Explorer. It seems that every other week there are reports from major software suppliers of security flaws in their products that can be exploited by attackers. In every case there is a significant lag time between the flaw being widely distributed and when the manufacturer publicly discloses it and then another significant lag time (from weeks to months) for a patch to be provided. Hundreds of millions computers are directly affected by these flaws.
Hackers are constantly seeking these vulnerabilities and are quick to exploit them. How can organizations defend their systems from flaws like this that occur in applications that are essential for the productivity of their workers? Standard endpoint protection suites that are dependent on signatures cannot provide protection. AV will not defend against attacks that exploit these flaws. Eventually, after a great deal of damage has been done, most endpoint protection and AV products will have a signature file update that may stop future exploits of this specific flaw. However, by the time that this defense is applied, the attacks have achieved their goals and the attackers are moving on to the next unpatched vulnerability. In both the recently disclosed Java and Microsoft vulnerabilities there is clear evidence that the flaws have existed and been exploited for weeks or months and, although patches have been released, it is still not clear if the patches have truly addressed the flaws.
Is there a way to be protected against attacks using these flaws in applications that you are using? YES!
As in past similar Adobe and IE vulnerabilities (and other unpatched vulnerabilities in applications from multiple vendors over the past few years), customers using StormShield are protected against this type of vulnerability when there is no security patch available from Microsoft, Oracle or others by using a unique multi-layer behavioral protection methodology. StormShield HIPS protection is proven to recognize and stop “unknown” attacks that will get past all of the other endpoint protection products.
In addition to the industry leading behavioral protection, the StormShield endpoint protection agent includes multiple layers of protection using a granular and modular security design. StormShield is the first intelligent solution based on behavioral analysis for device control, encryption of data, application control, HIPS, firewall, wireless and Network Access Control (NAC). StormShield provides immediate protection in real time against all types of attacks without depending on antivirus signatures/reputation. StormShield users are not dependent on waiting for a patch update or vulnerability fix to be safe from an attack on an unpatched vulnerability in IE or any other application.