Rather than permit executable computer files to install themselves unless they appear on a blacklist, Comodo’s Endpoint Security Manager protects enterprise data on a new model: default-deny protection (DDP).
The default-deny model refuses by default to execute any files, as opposed to the more widely-used default-allow model.
With industry-standard default-allow protection, malicious software such as viruses, keyloggers, Trojans or buffer overflow attacks can wriggle in to the computer and install itself without the user’s knowing or being able to stop it. Computers are exposed to malicious software if a computer user opens an infected email, or reads from an infected thumb drive or disk. Default-allow systems only stop malware if it is already on the security vendor’s list of known malware, and if the computer user has updated the list.
The whitelist of allowable files in Comodo Endpoint Security Manager now exceeds two million making it easier than ever to use.