The Challenge of Exploit Protection
Exploits are weaponized data files or content, such as a Microsoft® Word™ document or HTML data stream, designed to leverage software flaws in legitimate applications to provide an attacker with remote code execution capabilities.
Threat actors often leverage exploits as the initial stage in their attacks because most security solutions cannot distinguish weaponized data files from ordinary ones, or normal application execution from exploitation. Legacy (signature-based) antivirus and whitelisting techniques are two examples of solutions that have historically been ineffective in preventing the exploitation of applications. Most organizations rely on security patches issued by software vendors as their sole reliable method for preventing exploits.
Zero-day exploits – those that leverage vulnerabilities that are unknown to an application vendor and the public at large – present a bigger challenge to security professionals, as there are no software patches that can be applied to fix the underlying vulnerabilities.
Palo Alto Networks® provides exploit prevention capabilities that protect applications from both known and unknown (zero-day) exploits at the perimeter and on the endpoint, regardless of the availability or application of security patches.