HVP – Invincea Advanced Endpoint Protection (AEP)
Advanced Endpoint Protection (AEP) is a very competent anti-malware tool that really focuses on the task at hand: protecting the endpoint from malware threats. It does this by encapsulating the endpoint application in a virtual environment and allowing malicious files to detonate, but containing the attack so that not even the most advanced zero-day can escape. That’s a pretty strong statement, but Invincea lives up to it because the tool has no need for signatures or traditional heuristics.
The tool reduces the attack surface significantly through its use of “secure virtual containers.” We really liked that the company did not try to convince us that it was sandboxing since sandboxes usually are a protective layer over the kernel that prevents the malware or its effects to escape. Sadly, it is possible to “go around” the sandbox layer and still infect.
Virtual containers are much different. They fully encapsulate the application in a friendly, secure environment, making it nearly impossible for a malware payload to do any real damage. The container is Invincea’s own virtual machine that is more lightweight that a typical type 2 hypervisor.
To view the full article, please click here.