Infiltrator Posted February 12, 2012 Share Posted February 12, 2012 BLADE is a new Windows immunization system that prevents surreptitious drive-by download exploits from infecting vulnerable Windows hosts. BLADE is implemented as a series of kernel extensions, which interrupt the covert binary installation phase of current malware drive-by exploits. We test BLADE daily against live malicious URL links across the Internet and publicly post our unfiltered and auto-generated results to BLADE's Evaluation Lab. To date, BLADE's interception logic has demonstrated 100% effectiveness in preventing covert binary installations using the most widely deployed browsers on the Internet. Furthermore, over the past six months we have tested BLADE against the newest 0-day drive-by exploit attacks within days of their release, and none have circumvented BLADE. Source: http://www.blade-defender.org/ Quote Link to comment Share on other sites More sharing options...
digip Posted February 12, 2012 Share Posted February 12, 2012 I wonder how well it does against memory only reverse shells, such as meterpreter attacks or native PowerShell attacks. Quote Link to comment Share on other sites More sharing options...
redxine Posted February 12, 2012 Share Posted February 12, 2012 Great. I see many statistics and plenty of scientific method here... except the system in question has been promised to be "coming soon" (as a free research prototype) for nearly a year now. It's not science if it can't be reproduced. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted February 13, 2012 Author Share Posted February 13, 2012 @Digip, I guess we will have to wait until its out, in addition based on their research conducted in their labs, it has a 100% detection and prevention against any drive-by malware/exploit. But it's too soon to talk about. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.