Product Bulletin

Product Bulletin: Evasion Shield May 2020

  • 13 May 2020
  • 0 replies
  • 1634 views
Product Bulletin: Evasion Shield May 2020
Userlevel 7
Badge +48
  • Community and Advocacy Manager
  • 1663 replies

During 2020 we intend to considerably deepen and widen the prevention and protection we offer via our business endpoint protection platform. The general availability of the first version of the new Webroot Evasion Shield, along with the roll-out during May 2020 of improvements and modifications to our Webroot Endpoint Protection Agent to include additional components, are both intended to deliver better all-round security now and in the near future.

The highlights of this release include:

 

New – Webroot Evasion Shield to better manage script, fileless, PowerShell and other obfuscated attacks

 

Webroot Evasion Shield

Webroot Evasion Shield adds new and additional protection against evasive Script and PowerShell attacks.

This release offers new patented Webroot technology to detect, block, and remediate (by quarantining) malicious and evasive script attacks, whether they are file-based, fileless, obfuscated or encrypted. And, in addition, prevent malicious behaviors from executing in PowerShell, JavaScript, and VB Script files that are often used to launch evasive attacks. Overall it's designed to detect and remediate additional malicious scripts over what is detected today.

 

New Evasion Shield - Script Protection Policy – IMPORTANT default Policy is OFF

 

A new Script Remediation section has been added to the Policies tab. Script Protection by default is switched off as unique scripts are sometimes present and rather than classify them and create potential false negatives (good processes marked as bad) and quarantining them, we recommend using the Detect and Report policy.  Detect and Report like the ‘Silent Audit’ policy uncovers the Scripts running and reports them so you may whitelist Scripts you wish to retain.

 

Detections of Scripts running on individual devices are now added to Shield Status and within Infections Encountered

 

New Evasion Shield – Script Detections report provides instant overview of any Scripts encountered

 

Overall, the new Webroot Evasion Shield is designed to be easy to use and deploy while minimizing any of the risks associated with classifying Scripts as safe or malicious. It provides a new level of protection with the ability to control and manage ‘known good’ Scripts through whitelisting, while giving console visibility for script detections, remediations, and infections.

Check out our Evasion Shield Hub for more info


This topic has been closed for comments