Although our goal is never to allow a threat to reach a machine, in the real world there are still situations where a user's system can get infected. Such circumstances likely include:
1) Users who previously had no installed security product;
2) Users whose product subscription expired;
3) Users attacked by a new zero-day threat.
Symantec remediation technologies address these situations by providing capabilities to clean up already infected machines. The core set of these technologies is built into all our malware security products.
More recently we made available a set of standalone tools to assist with remediating more aggressive infections. These tools include Norton Power Eraser and Symantec Power Eraser (included in the Symantec Endpoint Protection Support Tool). Features of these remediation tools include:
- A Nimble and Easily Updatable Engine
Because threats change constantly in order to evade security suites, these tools can be easily updated to react to new zero-day threats.
- Targeting Infections in Their Entirety
From the downloaders to the payloads and the rootkits that hide them, today's infections are complex, utilizing multiple components to orchestrate a profitable outcome for the hackers. The Power Eraser engine is tuned to detect and remove these risks by looking for behavioral patterns of not just the threat itself, but also the downloader that introduced the threat to the system in the first place.
- Aggressive Detection Techniques
The Power Eraser engine utilizes multiple new heuristic engines and data analysis points in order to detect a broad range of threats. These include packer heuristics, load point analysis, rootkit heuristics, behavioral analysis, distribution analysis, and system configuration monitors.