{"id":2863,"date":"2021-03-12T13:25:45","date_gmt":"2021-03-12T13:25:45","guid":{"rendered":"https:\/\/partnernews.sophos.com\/en-us\/?p=2863"},"modified":"2021-04-01T10:08:32","modified_gmt":"2021-04-01T10:08:32","slug":"new-intercept-x-protection-feature-dynamic-shellcode-protection","status":"publish","type":"post","link":"https:\/\/partnernews.sophos.com\/it-it\/2021\/03\/products\/new-intercept-x-protection-feature-dynamic-shellcode-protection\/","title":{"rendered":"New Intercept X Protection Feature: Dynamic Shellcode Protection"},"content":{"rendered":"

Intercept X has released, and enabled, a new protection feature called Dynamic Shellcode Protection. This is an exciting new addition to Sophos Intercept X<\/a>, designed to prevent active adversaries from achieving one of their most sought-after goals: using remote access agents to gain \u201chands on keyboard\u201d privileges.<\/p>\n

According to Mark Loman, Director of Engineering at Sophos “The Dynamic Shellcode Protection is unique to Sophos. It basically puts a HARD LIMIT on ANY application to what memory they can allocate. It impacts EVERY process on the box, even Windows\u2019 own processes! \u00a0I am not overstating things when I say that imposing this limit is incredibly, incredibly bold of Sophos”.<\/p>\n

You can read an article on Sophos News<\/a> talking about this new feature.<\/p>\n

For a technical deep dive into this attack technique and how Dynamic Shellcode Protection stops it, read Mark Loman\u2019s excellent article<\/a> also on Sophos News.<\/p>\n

Feel free to share the above articles with customers.<\/p>\n","protected":false},"excerpt":{"rendered":"

Dynamic Shellcode Protection in Intercept X protects against remote access agents.<\/p>\n","protected":false},"author":56,"featured_media":3000002650,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[70],"tags":[32],"coauthors":[103],"class_list":["post-2863","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-products","tag-intercept-x"],"jetpack_featured_media_url":"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/01\/featured-image-sophos-endpoint-blog-icon-1600x960-1.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/wp\/v2\/posts\/2863","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/wp\/v2\/users\/56"}],"replies":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/wp\/v2\/comments?post=2863"}],"version-history":[{"count":1,"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/wp\/v2\/posts\/2863\/revisions"}],"predecessor-version":[{"id":2896,"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/wp\/v2\/posts\/2863\/revisions\/2896"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/wp\/v2\/media?parent=2863"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/wp\/v2\/categories?post=2863"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/wp\/v2\/tags?post=2863"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/it-it\/wp-json\/wp\/v2\/coauthors?post=2863"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}