Instead of using the archaic blacklist technology competitors use, PC Matic deploys an automated whitelist for real-time, proactive protection against today’s cyber threats. In addition, PC Matic also uses a script blocking agent, effectively thwarting all forms of fileless malware attacks. Lastly, the software minimizes the exploitation of remote desktop protocol (RDP) ports by enabling login controls.
How does whitelisting stop ransomware, polymorphic viruses, APTs, and zero-day attacks? With the advances in technology, malware is getting harder to stop. Instead of trying to keep up with the continually changing malware algorithms and codes, we do the opposite, and track tested safe programs. PC Matic’s whitelist functions by using a list of known, trusted programs and allows them to run. Everything else, that is not on the whitelist, is sent to the PC Matic malware research team to be tested. Within 24 hours it is categorized either trusted or malicious.
Fileless Script Block
The PC Matic team also learned, whitelisting is not enough. Hackers are exploiting scripting agents like PowerShell to install malware, which doesn’t need an executable. Therefore, both the blacklist and whitelist are ineffective. This is why the PC Matic team developed a script blocking agent to identify malicious scripting activity. So far, this has left PC Matic consumers entirely protected from fileless infections.
RDP Port Controls
In 2018, home and business users around the globe saw hackers beginning to exploit RDP ports. They would brute force their way into the network by guessing RDP user credentials until they were successful. PC Matic now modifies the Windows account lockout threshold to avoid brute force attacks.
Patch Management and Driver Updates
During the scanning process, PC Matic ensures key third-party applications are patched, and drivers are updated. By automating this process, PC Matic users can rest assured their devices are kept updated, with known vulnerabilities patched to avoid exploitation from cyber criminals.