Fileless Attacks
A Uniquely Intelligent Approach To Combating Fileless Attacks
Our AI-driven threat prevention and response solutions protect you from threats, no matter how they operate
Combating fileless attacks requires a departure from traditional, file-based countermeasures. BlackBerry Cylance uses memory defense, script and macro control, and our Context Analysis Engine (CAE) to keep your organization safe.
Combating the Scourge of Fileless Attacks
What is a Fileless Attack?
The term "fileless attack" originally described threats that exist and operate exclusively in volatile memory. It later evolved to include threats that maliciously use legitimate system resources without writing new files to disk. Today, any cyber attack that uses fileless elements within the attack chain may also be described as fileless.
Traditional EDR vs. AI-Driven EDR: A Comparison
Memory Resident
Malware is memory resident instead of residing on disk
Script Based
Script-intensive malware uses JScript/JavaScript to launch the initial infection and to assist with attacks
Exploits Resources
Malware exploits resources like PowerShell, WMI, and other legitimate Windows admin tools to conduct activities
System Registry
Malware achieves persistence through modification of the system registry
How do you combat a fileless attack?
The key to defeating fileless malware is to deny it system resources, for example with a combination of the tools found in CylancePROTECT and CylanceOPTICS.
Hacking Exposed Demo from RSA - Examples of Fileless Threats
See how recent threats - including fileless attacks - operate in the wild
The replay of our Hacking Exposed demo at RSA illuminates the tools and techniques of memory-based, fileless, script-based, and app-based attacks, and more.
Threat Spotlight: Kovter Malware Fileless Persistence Mechanism
Join us as we take a closer look at Kovter, a pervasive click-fraud trojan that uses a fileless persistence mechanism to maintain a foothold in an infected system.
DirtySecurity Podcast: Memory-Based Attacks and How To Stop Them
In this episode of DirtySecurity, we chat with security engineer Josh Fu about fileless attacks - why they're so prevalent, how they work, and how to prevent them.
Prevention - CylancePROTECT
Memory Exploitation Detection and Prevention
Add another layer of security and strengthen the OS's basic protection features, preventing attackers from using memory to exploit vulnerabilities.
Script and Macro Management
Monitor, detect, and protect against malicious scripts and/or script paths that may be running in your environment - before they can execute.
Response - CylanceOPTICS
Powering Dynamic Threat Detection and Automated Response
Our approach pushes the threat detection and response to the endpoint, allowing every endpoint in your organization to act as a virtual SOC, dynamically detecting threats and taking response actions around the clock and without human intervention.