Site icon Emsisoft | Cybersecurity Blog

Emsisoft’s layered protection | Windows Device Protection | Emsisoft Anti-Malware Tutorial


Hi there. In today’s video, we’re going to explore how Emsisoft uses layered protection to prevent malware infections.

To start, let’s talk about what layered protection actually means. In the cybersecurity world, it’s a fact that every individual security component has its own unique strengths and weaknesses. This means there’s no singular technology that can reliably protect you from malware.

Instead of relying on one type of technology, Emsisoft combines multiple layers of protection, making it virtually impossible for malware to get onto your computer.

Let’s take a look at how these layers work.

The first layer is Web Protection. Web Protection keeps you safe by blocking your connection to malicious and fraudulent web hosts. It works at the system level, so it works with all browsers. The list of bad web hosts is updated every 15 minutes to keep you protected against all the latest threats.

Let’s go ahead and open up the Web Protection settings. In this section, you can see all of the user-created rules that define whether you can access certain websites. You can use the ‘Import hosts file’ button to add multiple rules at once, or the ‘Add new rule’ button to add a single rule. And at the bottom here, you can configure what action you want Web Protection to take when you try to connect to Malicious hosts and Unwanted hosts.

Web Protection also includes Emsisoft Browser Security. Emsisoft Browser Security is a free, privacy-conscious browser extension that filters out bad websites at the URL level. Unlike many other security extensions on the market, Emsisoft Browser Security doesn’t send all your visited websites to the vendor’s cloud servers for scanning. Instead, it uses hashes of website fragments to identify dangerous websites. Essentially this means nobody at Emsisoft can see your browsing activity – even if they wanted to!

Okay, so that brings us to the second layer: the File Guard. The File Guard is a real-time malware scanner that runs in the background at all times. It uses a dual-engine scanner to check every single file that you download, run or modify, and compares them against a massive database of malware signatures. When the File Guard detects a threat, it automatically quarantines the file so you can analyze it later without worrying about it doing any damage to your system.

In the File Guard settings, you can set the Scan level to determine how thoroughly you want the File Guard to scan your system. ‘Default’ scans programs when they are started; ‘Thorough’ scans all files when they are created or modified; and ‘Paranoid’ scans all files when they are read by any program. This last option can have a significant impact on the performance of your computer, so we recommend keeping the Scan level at default for most users.

Traditional malware scanners are great at stopping known threats, but they struggle when it comes to protecting you from freshly created malware. That’s where Emsisoft’s third layer of protection comes in: the Behavior Blocker. The Behavior Blocker monitors the behavior of active programs and alerts you if it notices any suspicious activity patterns. Because the Behavior Blocker looks for patterns of activity rather than specific files, it can detect almost any type of malware – including brand new threats that have never been seen before.

In the Behavior Blocker settings, you can see all the programs that are currently running on your system, along with their monitoring status. If you want to change an application rule, just double click on the program and select if you want the program to be Trusted, Monitored, or Blocked by the Behavior Blocker. If you want to set up a new rule, click the ‘Add application rule’ button, navigate to the file, choose whether you want it to be Trusted or Blocked, and click OK.

The fourth layer of protection is Emsisoft’s Anti-Ransomware component. This layer of protection looks for the behavioral patterns of ransomware and stops any application that attempts to encrypt your files without your knowledge. Best of all, Anti-Ransomware stops ransomware before it can encrypt your files, which is quite rare. Most antivirus products don’t respond to ransomware until after you’ve lost some of your files.

That summarizes the main layers in Emsisoft protection software. It is worth noting that each of the layers we’ve talked about today is actually comprised of multiple sub-layers, which help to protect you from specific threats. For example, the Behavior Blocker layer includes a number of specialized sub-layers, including Exploit Prevention, Application Hardening and Fileless Malware Protection. For a full rundown of all the layers included in your Emsisoft protection software, check out the link in the description.

That brings us to the end of today’s video. Thanks for joining us. Bye for now.

Exit mobile version