+7 (495) 967-14-51 

 Contacts   Sitemap  
Language:  Russian English     Search: 
 
Main page  →  Company  →  News & Events  →  2019
About Us
Awards
Contacts
News & Events
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
Press Center

News

RSS

 

How SoftControl products have changed in 2018

The main changes in the SoftControl products include creation of name rule groups, improved system reports and event logs, as well as export and import of client application settings.



The following changes affected the SoftControl Service Center:

  • Named rule groups are supported. Activity control rules from different categories (file system, system registry, network activity and modules) can be grouped together.
  • Activity control rules for separate applications can be created in SoftControl Admin Console and transferred to client hosts with the installed SoftControl SysWatch client applications.
  • Increased password security for SoftControl Service Center database.
  • Supported import and export of selected client application settings with the help of an XML file.



Changes in SoftControl Admin Console:

  • Improved logic for creating system reports. The groups of events are now called 'Threats' and 'Services and unsuspicious applications'. In the former case, SoftControl Admin Console logs control policy violations and the start of suspicious processes. In the latter case, SoftControl Admin Console logs service events and the start of unsuspicious processes.
  • Event logs are now more detailed and easier to understand. This includes the improved format of the information displayed in the ‘Action’ field on the ‘Log’ tab.
  • System profile on the client host with SoftControl SysWatch can be disabled through the client application settings. In addition, the update source for SoftControl SysWatch can be selected (update through either SoftControl Service Center or the Internet).
  • Identification data of a module are filled in automatically in the settings after specifying an exe file.
  • The ‘Clients’ tab contains the ‘Permanent connection status’ column to track possible disconnections.
  • Flags are supported for files on the ‘Profile data ...’ tab that indicate whether a file is added to the profile by the installer or during the profile collection process.



Changes in SoftControl SysWatch client application:

  • As with SoftControl Admin Console, system reports are made more clear and unambiguous.
  • Event logs are now more detailed and easier to understand. In particular, the report indicates whether the application is in the profile, whether it is tracked; whether the installer has a valid digital signature; whether the global software update mode is enabled, etc.
  • Logging events of control policy violation is improved. Control policy violation events are considered similar and are not logged if they have coinciding actions, binary paths, command lines, and process identifiers, as well as if the period of time after the previous event is added is less than the specified value (one minute by default). Besides, the event log contains information about how many similar events were skipped.
  • Control policy violation report contains the PID for the process that caused policy violation.
  • If the protection is turned off, all applications (both in the profile and outside of it) are given permission to run until the system service starts.
  • Increased password security for SoftControl SysWatch client components.
  • Fixed vulnerability in the msiexec installer. It is not allowed to execute the msiexec system installer from a folder that differs from % SYSTEM32%.
  • Fixed vulnerability in dll blocking algorithm (CVE-2018-5718). This vulnerability allowed local users to cause a denial of service (BSOD) or modify kernel-mode memory by loading a forged dll.
  • Updated glossary that is used in the program. In particular, the term ‘mode of operation’ is replaced to ‘software update mode’. The term ‘unknown installer’ is changed to ‘unsigned installation program’, and ‘unknown application’ is replaced by ‘non-profile application’, and so on.


 

February 11, 2019


All news  |  Print this page


January 31, 2019 

February 25, 2019 


 

Computer security: Information security solutions | Host Intrusion Prevention System (HIPS) | Endpoint protection | The best virus protection | Whitelisting | Application Integrity Control | Comprehensive Malware Protection | Application protection | Windows Startup / Registry Protection | Online banking security | Online payment protection | Data leakage prevention (DLP) | Information security in medicine
2009-2019, Safe’N’Sec Corporation. Privacy policy