Library
My library

+ Add to library

Profile

Dr.Web Application Control

The number of Dr.Web tools is growing as new security requirements and challenges appear. Our task is to make sure that all corporate network security aspects are under your control. Add this additional tool—the Dr.Web Application Control module—to your information security strategy and turn your Dr.Web ESS-protected anti-virus network into an instantly adaptable security system that will become part of your company’s overall information security structure.

Allow

  • trusted applications

Block

  • known malicious and potentially dangerous applications
  • outdated applications
  • applications that are banned in your network
  • applications whose start-up type is often used by creators of malware
  • malware that is not yet known to anti-virus vendors

WITHOUT SIGNATURES!

  • Expand your company security policy compliance capabilities and create a customized configuration for your information security system.
  • Create an additional layer of security by adding a system that controls the launch of applications, and you’ll have one more tool available to you to respond to the challenges presented by today’s virus writers, including targeted attacks on your company.
  • Centrally manage the launch of applications: on individual stations, groups of stations, and for individual network users and individual computer users, by regulating who is allowed to run applications in accordance with your corporate information security policies and their job duties.

The module is managed using a) deny rules, b) allow rules, and c) special rules created to counter the most common methods used to bypass anti-virus protection. Rules can be applied to individual users, user groups, and individual stations or groups of stations—for any number of stations connected to the Dr.Web anti-virus network.

Centralised administration

Application control lets the system administrator or security specialist, via Dr.Web Control Center tools, allow or deny the launch of applications on stations running Dr.Web Agent for Windows. Thanks to Dr.Web Application Control, you can manage this new security layer of your company's network quickly and easily.

  • Create control rules to run applications
  • Test configured application start-up modes
  • Distribute created rules between network servers
  • View application launch statistics
  • Monitor how created rules are applied

Clear statistics

  • Instant control over the launch of applications in the network and on individual stations.
  • Instant creation of allow and deny rules—via the statistics window.

Features

Blocks applications by their checksums

Mailings using security operation centers (SOC) and incident analysis systems in computer networks (SIEM) are mandatory in some organisations. With Dr.Web Application Control, FinCERT mailing data can be integrated into a Dr.Web Enterprise Security Suite security system with minimal effort. This allows the system administrator to block malicious files that are known only to be found in mailings.

Find out more

Blocks applications

Both network users and attackers try to install the applications they need without permission. This includes applications that are legitimate but can be used for malicious purposes—for example, to control programs remotely. With Dr.Web Application Control, the security administrator identifies these attempts and blocks them in real time. Lists of trusted applications can be updated and distributed (or not distributed) between anti-virus network servers. Restrictions to launch programs can be assigned to individual users, stations, or groups.

Find out more

Blocks outdated program versions

Outdated software is one of today’s security problems. Users do not want to update programs, and cybercriminals use the most diverse malware (from worms to exploits) to penetrate a system via unclosed vulnerabilities. Dr.Web Application Control blocks outdated software and will not allow exploits, including those that take advantage of unknown vulnerabilities, to harm your corporate network.

Find out more

Protects stations with low resources

If a protected computer has a "weak" configuration and comprehensive anti-virus protection cannot be installed on it, or if the response time to specific events is critical for system operation, use Dr.Web Application Control.

Find out more

Prohibits the launch of the latest malware programs

For virus writers, testing one's own creations on services like VirusTotal is a sign of good manners. If the anti-virus scanners there do not detect a malicious program, cybercriminals can attack users with it because their security solutions will be powerless! But this can only happen if a company does not use the Dr.Web Application Control module rules. For example, malware can contain the latest code and simultaneously have a signature that is already known to Doctor Web's security researchers. Or it is launched from a location that is atypical for legitimate programs. There are many such signs, and using them, Dr.Web Enterprise Security Suite protects against the latest attacks, even if the trojan or virus involved has not yet been analysed by the anti-virus company.

Find out more about the Application Control features
  • Does your anti-virus consider a file to be "clean", but you have your doubts?
  • Have you detected a suspicious unknown application but are not sure whether it is malicious?
  • Does your company's network contain important documents or confidential information that cybercriminals could get hold of by carrying out a targeted attack?
  • Can’t put your business on hold to wait for your anti-virus to receive a needed signature?

Use Dr.Web vxCube Intelligent and interactive cloud-based analyses of suspicious objects

  • Analysis and verdict — in just 1 minute
  • A custom Dr.Web CureIt! build in real time
  • The option to order a "manual" analysis by a Dr.Web virus analyst for difficult cases

Find out more | Sign in to your Dr.Web vxCube personal area

Get trial access