Mac Exploit Protection Modules (EPMs)
To combat attackers from leveraging software vulnerabilities on Mac endpoints, Traps employs the following exploit protection modules (EPMs):
Prevents Dylib-hijacking attacks where the attacker attempts to load dynamic libraries from unsecured locations to gain control of a process.
Prevents an attacker from bypassing the operating system's memory mitigations using just-in-time (JIT) compilation engines. In ninja-mode, you can also configure advanced hooks and whitelists for this module.
Kernel Privilege Escalation Protection
Prevents an attacker from using the privilege information of another process with greater privileges to run a process with system permissions.
Protects against the use of return oriented programming (ROP) by protecting APIs used in ROP chains.