NEDERLANDS
NEDERLANDS
ENGLISH
Home
Producten
Shop
Support
Downloads

Protect your PC, data, identity and money

The unique technologies in HitmanPro.Alert 3 are designed to stop threats before they emerge and aims to protect your vulnerable software, data and identity against current and future attacks, without requiring prior knowledge of the attack or malicious program.


Download now

Supports 32-bit and 64-bit versions of Windows 10, Windows 8.1, Windows 7, Windows Vista and Windows XP

Seals the gaps

Antivirus programs are all designed to help catch the daily hundreds of thousands new malicious programs, the payload. Unlike this, HitmanPro.Alert can actually block the exploit (thus blocking its payload), without requiring prior knowledge of the abused weakness or the malicious program. It also makes malware belief it is running in an unwanted research environment, causing most sandbox-aware malware to terminate itself.

Reveals the spies

HitmanPro.Alert instantly detects over 99% of all known and new banking trojans and other spies. It automatically informs users when critical system functions are diverted to untrusted programs and effectively reveals the presence of any so-called Man-in-the-Browser malware. It also prevents attackers from abusing you own webcam. And by encrypting your keystrokes, HitmanPro.Alert protects your credentials while you work, play or shop online.

Protects your data

Since it is much harder for a malware-author to change the behavior of his malware (e.g. take files hostage), HitmanPro.Alert looks out for suspicious activity instead of working with virus signatures. If e.g. mass encryption is detected, HitmanPro.Alert's CryptoGuard technology will automatically neutralize the perpetrating program and restore the encrypted documents, without the need for any user intervention.
Learn more about CryptoGuard

Hardware-assisted Control-Flow Integrity

HitmanPro.Alert 3 is the first and only commercially available exploit mitigation software capable of leveraging MSR hardware registers in your existing Intel® microprocessor to assist Alert's Control-Flow Integrity (CFI) analysis. And where other security software struggle with application compatibility, HitmanPro.Alert is compatible with other security solutions, including exploit mitigation software.

Code mitigations

HitmanPro.Alert 3 keeps an eye on program execution flow, prevents heap sprays and stops attacks that e.g. redirect exception handling to run unwanted malicious code. Without affecting regular program use, it also blocks sophisticated Return-Oriented Programming (ROP) attacks and exploits that abuse logic-flaws in widely-used or company specific software.

Memory mitigations

HitmanPro.Alert 3 is capable of per-application enforcement of Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR) and Bottom-up ASLR memory protections; on current and legacy software without requiring the source code of the protected application, even on outdated Windows XP that no longer receives security updates from Microsoft.

Feature Overview, Comparison

DESCRIPTION Antivirus and Antimalware
Antivirus
Malwarebytes Anti-Exploit
MBAE
Microsoft Enhanced Mitigation Experience Toolkit
EMET
Palo Alto Networks Traps
Traps
SurfRight HitmanPro.Alert
Alert
On-demand Malware Detection and Remediation
Integrated Anti-Malware scanner
Multilingual User Interface English, Brazilian Portuguese, Chinese (Traditional and Simplified), Dutch, French, German, Italian, Korean, Polish, Russian, Spanish
Safe Browsing (Man-in-the-Browser Detection)
Warns when malware manipulates the browser; behavior-based
Active Vaccination
Makes sandbox-aware malware self-terminate
CryptoGuard
Protects your data against Cryptolocker-like ransomware; behavior-based
Webcam Notifier
Blocks the webcam when it is (secretly) accessed
Keystroke Encryption
Protects credentials against keyloggers in the browser
Process Protection
Protects the main executable of a process against unmapping
BadUSB Protection
Blocks malicious USB devices that pose as a keyboard
Exploit Mitigations
Aims to stop attackers from exploiting software vulnerabilities
Fine-grained Per-Application Mitigation Settings
Allows advanced users to change individual mitigations
Pseudo Address Space Layout Randomization (ASLR)
Prevents predictable code locations of modules, incl. on Windows XP
Network Lockdown
Helps to stop attacks that connect back to command-and-control
Full 64-bit Support
Offers 64-bit applications same protection as 32-bit applications
Software Radar
Automatically protects new browsers, plug-ins, media and office applications
High DPI User Interface
Suitable for Home Users, Power Users and IT Pros
Advanced Threat Reporting
Reports advanced technical data for forensic threat analysis


Exploit Protection Comparison

The following overview is based on tests performed by our Exploit Test Tool in a non-virtual environment.

TECHNIQUE DESCRIPTION Antivirus and Antimalware
Antivirus
Malwarebytes Anti-Exploit
MBAE
Microsoft Enhanced Mitigation Experience Toolkit
EMET
Palo Alto Networks Traps
Traps
SurfRight HitmanPro.Alert
Alert
Stack Pivot
Points stack pointer to heap allocated memory: XCHG ESP, EAX
Stack Exec
Marks the stack executable: PAGE_EXECUTE_READWRITE
Unpivot Stack
Executes ROP-chain on both pivoted and native stack
ROP – WinExec()
Runs Calculator via Return-Oriented Programming
ROP – VirtualProtect()
Runs Calculator via Return-Oriented Programming
ROP – CALL preceded VirtualProtect()
Runs Calculator via Return-Oriented Programming
ROP – NtProtectVirtualMemory()
Runs Calculator via Return-Oriented Programming
ROP – VirtualProtect() via CALL gadget
Runs Calculator via Return-Oriented Programming
ROP – WinExec() via anti-detour
Runs Calculator via Return-Oriented Programming
IAT Filtering
Get address of VirtualProtect() from IAT
Null Page
Runs Calculator via NULL pointer dereference
SEHOP
Runs Calculator by overwriting Structered Exception Handler
Heap Spray 1
Runs Calculator via single-byte NOP sled
Heap Spray 2
Runs Calculator via polymorphic NOP sled
Heap Spray 3
Fill heap with prepared Flash-Vector objects
Heap Spray 4
Fill heap with prepared JavaScript ArrayBuffer objects
Hollow Process
Start another exe in a trusted process
Load Library
Load a library from an UNC path
URLMon
Download a file via urlmon.dll, called from anonymous memory
URLMon 2
Download a file via urlmon.dll, called via ROP chain
URLMon 3
Download a file via urlmon.dll, called via ROP chain
Lockdown 1
Create calc.exe and execute
Lockdown 2
Create calc.tmp, rename to calc.exe and execute


Last Review: March 31, 2015

© SurfRight 2015  |  Disclaimer  |  Sitemap