Host Intrusion Prevention System (HIPS) monitors a single host for suspicious activity by analyzing events occurring within that host. HIPS solutions protect the host from the network layer all the way up to the application layer against known and unknown malicious attacks. In case of attempted operating system or application changes by a hacker or malware, HIPS blocks the action and alerts the user so an appropriate decision on next steps can be made.
Although anti-virus and firewall vendors are changing the way they scan to meet the ever-increasing number of threats, both are far too often reactive. If the attack is trying to exploit an unknown vulnerability, the anti-virus will not stop it if it doesn’t have the signature for it. Host Intrusion Prevention System solutions take a different approach to PC protection than traditional signature anti-malware – HIPS takes control of application integrity rather than trying to match signatures from among the millions of malware examples out there.
Host Intrusion Prevention Systems (HIPS) are becoming more of a necessity in any environment, home or enterprise. HIPS solutions keep the system in a known-good state and effectively avoid the problem of false alarms that dog traditional signature approaches.
One of the most innovative implementations of a Host Intrusion Prevention System, SafenSoft SysWatch, not only issues alerts when unknown applications attempt to launch, but provides granular controls for how different applications can access files and folders, USB drives, registry keys, external devices, and network resources. Users can create their own HIPS rules to control application activity.