ESET Antivirus


ESET uses multi-layered technologies that go far beyond the capabilities of basic antivirus. Below are various core ESET technologies, with an approximation of when and how they can detect and/or block a threat during its lifecycle in the system.

 

 

UEFI Scanner

ESET is the first internet security provider to add a dedicated layer into its solution that protects the Unified Extensible Firmware Interface (UEFI). ESET UEFI Scanner checks and enforces the security of the pre-boot environment that is compliant with the UEFI specification. It is designed to detect malicious components in the firmware and report them to the user.

 
 

 

 

DNA Detections

Detection types range from very specific hashes to ESET DNA Detections, which are complex definitions of malicious behavior and malware characteristics.

While malicious code can be easily modified or obfuscated by attackers, the behavior of objects cannot be changed so easily, and ESET DNA Detections are designed to take advantage of this principle.

 

 

 

Machine Learning

ESET has developed its own in-house machine learning engine, dubbed ESET Augur. It uses the combined power of neural networks (such as deep learning and long short-term memory) and a handpicked group of six classification algorithms. This allows it to generate a consolidated output and help correctly label the incoming sample as clean, potentially unwanted or malicious.

 
 

 

 

Cloud Malware Protection System

The ESET Cloud Malware Protection System is one of several technologies based on ESET’s LiveGrid® cloud system. Unknown, potentially malicious applications and other possible threats are monitored and submitted to the ESET cloud via the ESET LiveGrid® Feedback System.

 
 

 

 

 

Reputation & Cache

When inspecting a file or URL, before any scanning takes place, our products check the local cache for known malicious or whitelisted benign objects. This improves scanning performance.
Afterwards, our ESET LiveGrid® Reputation System is queried for the object’s reputation (i.e. whether the object has already been seen elsewhere and classified as malicious). This improves scanning efficiency and enables faster sharing of malware intelligence with our customers.

  

 

 

Behavioral Detection and Blocking - HIPS

ESET's Host-based Intrusion Prevention System (HIPS) monitors system activity and uses a pre-defined set of rules to recognize suspicious system behavior. When this type of activity is identified, the HIPS self-defense mechanism stops the offending program or process from carrying out potentially harmful activity.

 
 

 

 

In-product Sandbox

Today’s malware is often heavily obfuscated and tries to evade detection as much as possible. To see through this and identify the real behavior hidden underneath the surface, we use in-product sandboxing. With the help of this technology, ESET solutions emulate different components of computer hardware and software to execute a suspicious sample in an isolated virtualized environment.

 
 

 

 

Advanced Memory Scanner

Advanced Memory Scanner is a unique ESET technology which effectively addresses an important issue of modern malware – heavy use of obfuscation and/or encryption. To tackle these issues, Advanced Memory Scanner monitors the behavior of a malicious process and scans it once it decloaks in memory.

 
 

 

 

 

Exploit Blocker

Exploit Blocker monitors typically exploitable applications (browsers, document readers, email clients, Flash, Java, and more) and, instead of just aiming at particular CVE identifiers, focuses on exploitation techniques. When triggered, the behavior of the process is analyzed and, if it is considered suspicious, the threat may be blocked immediately on the machine.

 
 

 

 

Ransomware Shield

ESET Ransomware Shield is an additional layer protecting users from ransomware. This technology monitors and evaluates all executed applications based on their behavior and reputation. It is designed to detect and block processes whose behavior resembles that of ransomware.

 
 

 

 

 

Network Attack Protection

Network Attack Protection is an extension of firewall technology and improves detection of known vulnerabilities on the network level. It constitutes another important layer of protection against spreading malware, network-conducted attacks and exploitation of vulnerabilities for which a patch has not yet been released or deployed.

 
 

 

 

Botnet Protection

ESET Botnet Protection detects malicious communication used by botnets, and at the same time identifies the offending processes. Any detected malicious communication is blocked and reported to the user.

 
 
 
 
 
 