An Inside Look at Symantec CSP v8.0

While the product remains mostly the same, the most significant new feature of Symantec Critical System Protection (CSP) v8.0 is the Web Console. This is where administrators can manage the new Simplified Whitelisting Policy. The policy itself contains two primary sandboxes: one for all Windows Programs and Services and the other for the Whitelisted applications. 

Tuning is no longer required when using the Streamlined Whitelisting Policy feature, providing major value-add for users. It’s as simple as whitelisting the applications that should be allowed to run.

Check out the demo below:

https://fast.wistia.net/embed/iframe/np36wgjllq

CSP v8.0 has also included 10 new Anti-Exploit techniques built-in to the two sandboxes:

  • Enforce Data Execution Prevention
  • Stack Based DEP Override Prevention
  • Stack Pivot Attack Prevention
  • Stack Execution Protection From Non Code Segment (Buffer Overflow)
  • Load Library Protection
  • Null Page Dereference
  • Heap Based DEP Override Protection
  • Heap Execution Protection From Non Code Segment (Heap Overflow)
  • ROP Caller Check

Need help hardening your operational technology and IoT? Contact us