User privilege attacks stunted with BOUNCER by CoreTrace
An increasingly popular form of attack found in enterprises is one in which the cyber-criminal tries to use the privileges of the Local Administrator to install a wide variety of malware. Typically, the attacker attempts to change the configurations of the host machine or any machines he or she can access.
If such an attack succeeds, the host machine and its Local Administrator privileges can decimate a network very quickly, compromising data and functionality.
BOUNCER renders this kind of attack harmless. Thanks to advanced and hidden kernel-level application whitelisting capabilities, even a Local Administrator cannot change the configuration of an endpoint. If a cyber-criminal takes over a system, he or she cannot install or run any malicious code. The criminal is constrained within the current configuration of the endpoint, and cannot effect any catastrophic actions across the network using newly installed code.
Supporting & Related Resources
Looking for more or maybe something else? Try the CoreTrace Resources section.