BOUNCER by CoreTrace: Viruses, Worms, and Trojans

Viruses, worms, and trojans don't stand a chance against BOUNCER by CoreTrace

Endpoint security has traditionally been a job for antivirus software solutions. These solutions have always relied on a ‘blacklisting’ methodology, wherein every application is checked against a vendor-supplied list of known-bad programs. This approach has precipitated a host of inefficiencies:

  • Performance lags occur as each application is checked against a list of thousands, or hundreds of thousands, of known threats.
  • Constant updating of the virus definition file is par for the course, and it comes on top of sometimes-daily patches from the application vendors themselves. This updating and patching process devours IT team resources.
  • Inevitably, any solution that requires users to download and install new definitions in response to new threats will be vulnerable to zero-day attacks. Zero-day attacks are ones that occur between the time an attack is released and when a patch is developed and propagated.
  • Blacklist-based solutions also have difficulty dealing with thousands of variations of threats. For example, NetSky and Mydoom have been around since 2004, yet they remain among the top attacks in the wild in 2008.
  • Targeted threats are the greatest concern. If a hacker has targeted a specific enterprise, there is a high likelihood that a signature will never be created. Blacklist signatures are designed for widespread threats.
  • Hackers and cyber-criminals know how to game the antivirus system thanks to years of exposure to technology that hasn't evolved to keep up with the most sophisticated threats.

BOUNCER takes a completely different approach to protection against viruses, worms, and Trojans. Rather than updating a blacklist and hoping for the best, BOUNCER uses application whitelisting at the kernel level to simply and effectively block any unauthorized executable. If it’s not on the list, it doesn’t run.

In addition to defeating malware threats, your enterprise can free up valuable resources previously devoted to security updating and patching. You can choose which patches to implement, on whatever schedule is convenient for you, without compromising security.

"If the trend continues and bad programs outnumber good ones, then scanning for legitimate applications (whitelisting) makes more sense from both an efficiency and effectiveness perspective." Mark Bregman, CTO, Symantec Corporation