Our global research labs drive the development of ESET's unique technology

Today’s malware, being dynamic and often targeted, requires a multi-layered approach based on proactive and smart technologies. As far back as 20 years ago, ESET started to incorporate proactive technologies into its scanning engine and gradually implemented different layers of protection to strike at different stages of the cyber kill chain.

Now, ESET uses multi-layered technologies that go far beyond the capabilities of basic antivirus. The figure below shows various core ESET technologies and an approximation of when and how they can detect and/or block a threat during its lifecycle in the system.

Below you can find brief descriptions of individual ESET protection layers.

For the complete description see the white paper

Reputation & Cache

When inspecting a file or URL, before any scanning takes place, our products check the local cache for known malicious or whitelisted benign objects. This improves scanning performance.
Afterwards, our ESET LiveGrid® Reputation System is queried for the object’s reputation (i.e. whether the object has already been seen elsewhere and classified as malicious). This improves scanning efficiency and enables faster sharing of malware intelligence with our customers.
Applying URL blacklists and checking reputation prevents users from accessing sites with malicious content and/or phishing sites.


Related products:

SHOW MORE

SHOW LESS

Icon: Reputation and Cache

Exploit Blocker

While ESET’s scanning engine covers exploits that appear in malformed document files and Network Attack Protection targets the communication level, the Exploit Blocker technology blocks the exploitation process itself.
Exploit Blocker monitors typically exploitable applications (browsers, document readers, email clients, Flash, Java, and more) and instead of just aiming at particular CVE identifiers it focuses on exploitation techniques. When triggered, the behavior of the process is analyzed and, if it is considered suspicious, the threat may be blocked immediately on the machine.
This technology is under constant development, new methods of detection are added regularly to cover new exploitation techniques.


Related products - Exploit Blocker is used in:

SHOW MORE

SHOW LESS

Icon: Exploit Blocker

Cloud Malware Protection System

The ESET Cloud Malware Protection System is one of several technologies based on ESET’s LiveGrid® cloud system. Unknown, potentially malicious applications and other possible threats are monitored and submitted to the ESET cloud via the ESET LiveGrid® Feedback System. The samples collected are subjected to automatic sandboxing and behavioral analysis, which results in the creation of automated detections if malicious characteristics are confirmed. ESET clients learn about these automated detections via the ESET LiveGrid® Reputation System without the need to wait for the next detection engine update.


Related products - Cloud Malware Protection System is used in:

SHOW MORE

SHOW LESS

Icon: Cloud Malware Protection System

We Live Security

Get in the know about the latest in IT security – news, analyses and views, and how-tos from our experts.

Go to welivesecurity.com

ESET Security Forum

Join in the discussion with professionals from ESET community – on a broad range of topics.

Visit ESET Security Forum

ESET Community

Join us on Facebook and stay in the loop with everything ESET – including unique fan content!

Visit us on Facebook