本帖最后由 企稳向好 于 2024-8-13 16:02 编辑
BD企业版近期新增的一部分功能:
1、敏感注册表防护(Sensitive Registry Protection,现集成于ATC)
Sensitive Registry Protection is designed to safeguard critical registry keys including those associated with the Security Account Manager from unauthorized access or exploitation such as malicious registry key dumping. This technology ensures comprehensive protection of user authentication data and system security policies on your systems.
高级威胁控制现在包含一项新功能。敏感注册表保护选项 旨在保护关键注册表项(包括与安全帐户管理器相关的注册表项)免受未经授权的访问或利用(例如恶意注册表项转储)。该技术可确保全面保护系统上的用户身份验证数据和系统安全策略。
2、UEFI扫描The new Scan UEFI option ensures the security and integrity of the system's boot process and protects against sophisticated threats that can persist at the firmware level.
The feature is available for on-demand scheduled tasks in the policy and malware scan tasks from the Network page. The option is located under the Miscellaneous section of each Full, Quick, and Custom scan type and is enabled by default when the security level is set to Aggressive.
新的扫描 UEFI选项可确保系统启动过程的安全性和完整性,并防止可能在固件级别持续存在的复杂威胁。 该功能适用于策略中的按需计划任务和网络页面中的恶意软件扫描任务。该选项位于每个完整、快速和自定义扫描类型的杂项部分下,当安全级别设置为激进时默认启用。 3、防篡改(易受攻击驱动程序检测 Vulnerable drivers和回调规避 Callback evasion)
Vulnerable drivers
This pre-tampering technology detects vulnerable drivers on endpoints that can be exploited by attackers, posing threats to the integrity of the product. The technology is compatible with Windows and Linux operating systems.
Callback evasion
This post-tampering technology can detect when the security agent callback functions have been maliciously removed or disabled. New threats or unintentional human error could be engineered to potentially allow unauthorized access to the kernel, leading to compromised product integrity. The technology is compatible with Windows operating systems.
| 
楼主: ztgdhm
发表于 2024-8-13 15:57:33
