Endpoint Application Control
Fast, flexible and scalable protection against zero-day and advanced persistent threats
There are multiple routes for unknown code to execute on a host CPU, and Application Control provides a key tool in controlling unknown, potentially bad, applications from executing. Application Control provided by Comodo Advanced Endpoint Protection (AEP) blocks unauthorized executables on servers, corporate desktops, and fixed-function devices. Using a dynamic trust model and innovative security features such as local and global reputation intelligence, real-time behavioral analytics, and auto-immunization of endpoints, it immediately thwarts advanced persistent threats—without requiring labor-intensive list management or signature updates.
- Complete protection from unwanted applications with coverage of executable files, libraries, drivers, Java apps, ActiveX controls, scripts, and specialty code.
- Flexibility for desktop users and server admins with self-approval and auto-approval based on application rating.
- Viable security for fixed-function, legacy, and modern systems.
- Patch cycle reduction and advanced memory protection.
- Centralized, integrated management via the IT & Security Manager.
Thwart threats with intelligent whitelisting
Reduce risks from unauthorized applications and code
Know the reputation of every file and application in your environment and categorize them as good, bad and unknown with real-time Valkyrie file analysis
Leverage three options to maximize their whitelisting strategy
Default Deny allows software execution based on an approved whitelist or authorization by trusted channels. Detect and Deny allows software execution through signature-less reputation verification, and Verify and Deny allows the execution of applications that are verified by sandbox testing.
Save time and lower costs
Eliminate the need for signature updates or labor-intensive list management, and using a dynamic trust model that requires negligible CPU and memory usage.
Reduce patch cycles and protect memory
Maintain your regular patch cycles and prevent whitelisted applications from being exploited via memory buffer overflow attacks on Windows 32- and 64-bit systems.
Protect legacy systems and modern IT investments
Protect older operating systems, such as Microsoft Windows NT, 2000, and XP as well as recent operating systems such as Microsoft Windows 10.
Comodo Advanced Endpoint Protection (AEP) provides visibility and control over what applications users are installing on endpoints, both desktop/laptop and mobile. Further, Windows applications can be set to run, be blocked or run only inside the secure container.
Non-critical business applications can be blocked from running entirely.
- Desktop/Laptop –. As the world’s largest Certificate Authority, Comodo enjoys the advantage of providing unique insight into known good applications, software publishers and even OS level processes. This knowledge is used in determining the ‘known good’ as well as generating an accurate listing of all known bad applications or files. This unique compilation of known good and known bad allows your users to run trusted applications with confidence.
- Mobile – Comodo Advanced Endpoint Protection allows administrators to view all applications installed on enrolled Android and iOS devices and block any malicious applications that are identified. Administrators to view the list of applications identified on all enrolled mobile devices and review their trustworthiness.