F-Secure takes a multi-layered approach to endpoint protection and leverages cloud analysis and machine learning to reduce the overall system overall performance impact while providing protection against a multitude of malware and internet threats. Ultralight combines all the technologies present in F-Secure’s full endpoint protection stack into a single package and is included in the following products:
- F-Secure Protection Service for Business (PSB), Computer & Server Protection
- F-Secure Business Suite, Client Security 13.x & later plus Server Security 14.x & later
- F-Secure SAFE and variants
Ultralight consists of drivers, engines, and system services that provide mechanisms to protect both devices and its users. It provides traditional anti-virus functionality, such as real-time file scanning and network scanning and also includes modern, proactive protection technologies that aim to stop zero-day exploits and stay ahead of new attacks. F-Secure’s Security Cloud provides Ultralight components with real-time information as the threat landscape changes.
Ultralight’s intelligent combination of protection technologies represents the same approach that allowed F-Secure to take home the prestigious AV-Test Institute’s ‘Best Protection’ award six times in eight years.
Figure 1: Components that make up the Ultralight engine
FEATURES
- Detects and blocks exploits, common malware, and other identifiers in any hostile content sent by attacker
- Detects and blocks exploitive behavior occurring in an application designed to open potentially harmful content (PDF reader, office software, Java runtime, JavaScript interpreter, etc.)
- Detects and blocks suspicious or malicious behavior both in running applications and in the system itself
- Prevents compromised applications from performing hostile actions, such as dropping malware onto a system
- Detects and blocks malware with a traditional file scanning engine
- Detects and blocks memory-resident malware
- Removes or quarantines malicious artifacts from the system
- Disinfects objects that have been modified by file infectors
- Utilizes F-Secure’s Security Cloud to detect anomalies in files or file metadata
- Sends suspicious executable files to F-Secure’s Security Cloud for extended analysis
- Prevents malware from contacting a C&C server
- Uses automatic forensics and computer ecosystem anomaly detection to detect malware that other techniques are unable to prevent or detect
BENEFITS
- Proactive security against zero-day attacks and unique malware.
- Zero-day exploits have been detected before they have been public knowledge.
- Effective protection against custom malware.
- The more a malicious file has been modified to evade signature-based scanning, the more suspicious it looks to us.
- Our exploit protection focuses on prevention of the exploit phase itself.
- The way exploit writers typically modify their code to evade signature-based scans cannot bypass our exploit detection techniques.
- Exploit protection is constantly improved and tweaked as we collect more samples and refine the behavioral detection.
- Automatically deployed forensics algorithms generated by Security Cloud’s AI systems.
Ultralight features and Benefits
Read more on F-Secure Ultralight in the following Whitepaper