Threatlocker Ringfencing
Controlling what software can run should be the first line of defense when it comes to better protecting yourself against malicious software. Ringfencing™ adds a second line of defense for applications that are permitted. First, by defining how applications can interact with each other, and secondly, by controlling what resources applications can access, such as networks, files, and registries. Ringfencing™ is an invaluable tool in the fight against fileless malware and software exploits.Ringfencing™ allows you to control how applications can interact with other applications. For example, while both Microsoft Word and PowerShell may be permitted, Ringfencing™ will stop Microsoft Word from being able to call PowerShell, thus preventing an attempted exploit of a vulnerability such as the Follina vulnerability from being successful.Attackers can also use fileless malware which runs in the computer's memory, to evade detection by antivirus or EDR that are focused on detecting changes to files or registry keys. These attacks, often called living off the land attacks, leverage native tools and trusted applications to carry out malicious instructions in the background without ever touching the file system.
Features
Mitigate Against Fileless Malware
Stop fileless malware by limiting what applications are allowed to do.
Granular Application Policies
Stop applications from interacting with other applications, network resources, registry keys, files, and more.
Limit Application Attacks
Limit application attacks like application hopping by limiting what applications can access.
Limit Access to Your Files
Choose which applications in your environment need to have access to your files.