The Challenge of Exploit Protection

Exploits are weaponized data files or content, such as a Microsoft® Word™ document or HTML data stream, designed to leverage software flaws in legitimate applications to provide an attacker with remote code execution capabilities.

Threat actors often leverage exploits as the initial stage in their attacks because most security solutions cannot distinguish weaponized data files from ordinary ones and normal application execution from exploitation. Legacy (signature-based) antivirus and whitelisting techniques are two examples of solutions that have historically been ineffective in preventing the exploitation of applications. Most organizations rely on security patches issued by software vendors as their sole, reliable method for preventing exploits.

Zero-day exploits – those that leverage vulnerabilities that are unknown to an application vendor and the public at large – present a bigger challenge to security professionals, as there are no software patches that can be applied to fix the underlying vulnerabilities.

Palo Alto Networks® provides exploit prevention capabilities that protect applications from both known and unknown (zero-day) exploits at the perimeter and on the endpoint, regardless of the availability or application of security patches. 

Endpoint: Traps Multi-Method Exploit Prevention

Traps™ advanced endpoint protection uses an entirely new and unique approach to preventing exploits on the endpoint. Instead of focusing on the millions of individual attacks or their underlying software vulnerabilities, Traps focuses on the core exploitation techniques used by all exploit-based attacks.

Although there are many thousands of exploits, they all rely on a small set of core exploitation techniques that change infrequently. Each exploit must use a series of these exploitation techniques to successfully subvert an application. By blocking the core techniques, Traps effectively prevents the exploitation of application vulnerabilities, whether they are known or unknown. Traps implements a multi-method approach to exploit prevention, combining several layers of protection to block exploitation techniques.

Organizations using Traps can run any application, including those developed in-house and those that no longer receive security support, while being protected against the potential threat of exploitation.

Network: Threat Prevention

Our IPS, available within our Threat Prevention subscription, prevents exploits at the network level, using targeted vulnerability- and exploit kit-based signatures to thwart multiple variations of exploits and a wide variety of exploit kits.

Our skilled threat research team, whose job it is to continuously investigate and reverse-engineer network and application vulnerabilities, creates these protections and automatically pushes them to all subscribed devices on a weekly and emergency basis, fortifying your network against the latest exploits.