Dr.Web Enterprise Security Suite
- Application Control component
- Integrates with SOC/SIEM solutions
- New Dr.Web Agent 12 for Windows
The page may not load correctly.
The number of Dr.Web tools is growing as new security requirements and challenges appear. Our task is to make sure that all corporate network security aspects are under your control. Add this additional tool—the Dr.Web Application Control module—to your information security strategy and turn your Dr.Web ESS-protected anti-virus network into an instantly adaptable security system that will become part of your company’s overall information security structure.
The module is managed using a) deny rules, b) allow rules, and c) special rules created to counter the most common methods used to bypass anti-virus protection. Rules can be applied to individual users, user groups, and individual stations or groups of stations—for any number of stations connected to the Dr.Web anti-virus network.
Application control lets the system administrator or security specialist, via Dr.Web Control Center tools, allow or deny the launch of applications on stations running Dr.Web Agent for Windows. Thanks to Dr.Web Application Control, you can manage this new security layer of your company's network quickly and easily.
Mailings using security operation centers (SOC) and incident analysis systems in computer networks (SIEM) are mandatory in some organisations. With Dr.Web Application Control, FinCERT mailing data can be integrated into a Dr.Web Enterprise Security Suite security system with minimal effort. This allows the system administrator to block malicious files that are known only to be found in mailings.
Both network users and attackers try to install the applications they need without permission. This includes applications that are legitimate but can be used for malicious purposes—for example, to control programs remotely. With Dr.Web Application Control, the security administrator identifies these attempts and blocks them in real time. Lists of trusted applications can be updated and distributed (or not distributed) between anti-virus network servers. Restrictions to launch programs can be assigned to individual users, stations, or groups.
Outdated software is one of today’s security problems. Users do not want to update programs, and cybercriminals use the most diverse malware (from worms to exploits) to penetrate a system via unclosed vulnerabilities. Dr.Web Application Control blocks outdated software and will not allow exploits, including those that take advantage of unknown vulnerabilities, to harm your corporate network.
If a protected computer has a "weak" configuration and comprehensive anti-virus protection cannot be installed on it, or if the response time to specific events is critical for system operation, use Dr.Web Application Control.
For virus writers, testing one's own creations on services like VirusTotal is a sign of good manners. If the anti-virus scanners there do not detect a malicious program, cybercriminals can attack users with it because their security solutions will be powerless! But this can only happen if a company does not use the Dr.Web Application Control module rules. For example, malware can contain the latest code and simultaneously have a signature that is already known to Doctor Web's security researchers. Or it is launched from a location that is atypical for legitimate programs. There are many such signs, and using them, Dr.Web Enterprise Security Suite protects against the latest attacks, even if the trojan or virus involved has not yet been analysed by the anti-virus company.Find out more about the Application Control features