This plugin is responsible for analyzing process memory for malicious or suspicious code.
What is PMI?
Process Memory Integrity (PMI) is a series of techniques that help validate the trustworthiness of code executing on a given system. This can be achieved through hashing, runtime code analysis, page flag analysis, monitoring of memory segment permission modifications, code-signing verification, and more.
For more details, see our blog post on Process Memory Integrity.
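One form of the page flag analysis listed above, as an added example that is not the plugin's own code: it parses a memory map in the Linux `/proc/<pid>/maps` format (an assumption, since this page names no platform) and flags executable regions that are writable, not file-backed, or backed by a deleted file. The sample map and the helper names `classify` and `scan` are constructed for illustration.

```python
import re

# Constructed sample in Linux /proc/<pid>/maps format (assumption: the page names no OS).
SAMPLE_MAPS = """\
55d0c8a00000-55d0c8a21000 r-xp 00000000 08:01 131090 /usr/bin/example
55d0c8c20000-55d0c8c22000 rw-p 00020000 08:01 131090 /usr/bin/example
7f2a10000000-7f2a10021000 rwxp 00000000 00:00 0
7f2a14000000-7f2a14002000 r-xp 00000000 00:00 0
7f2a18000000-7f2a18100000 r-xp 00000000 08:01 262200 /tmp/libx.so (deleted)
7f2a1c000000-7f2a1c001000 r-xp 00000000 00:00 0 [vdso]
7ffd5a000000-7ffd5a021000 rw-p 00000000 00:00 0 [stack]
"""

# Fields: start-end, perms, offset, dev, inode, optional pathname.
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([r-][w-][x-][ps])\s+([0-9a-f]+)\s+(\S+)\s+(\d+)\s*(.*)$")

# Kernel-provided regions that are expected to be executable with inode 0.
KERNEL_REGIONS = {"[vdso]", "[vsyscall]", "[vvar]"}

def classify(line):
    """Return (start, perms, path, findings) for one maps line, or None if unparseable."""
    m = MAPS_LINE.match(line.strip())
    if not m:
        return None
    start, _end, perms, _off, _dev, inode, path = m.groups()
    findings = []
    executable = "x" in perms
    if executable and "w" in perms:
        findings.append("writable+executable")
    if executable and inode == "0" and path not in KERNEL_REGIONS:
        findings.append("executable without file backing")
    if executable and path.endswith(" (deleted)"):
        findings.append("executable backed by deleted file")
    return int(start, 16), perms, path, findings

def scan(maps_text):
    """Return only the regions that produced at least one finding."""
    results = []
    for line in maps_text.splitlines():
        parsed = classify(line)
        if parsed and parsed[3]:
            results.append(parsed)
    return results

if __name__ == "__main__":
    for start, perms, path, findings in scan(SAMPLE_MAPS):
        print(f"{start:#x} {perms} {path or '<anonymous>'}: {', '.join(findings)}")
```

Findings of this kind are triage leads rather than verdicts, since JIT compilers legitimately create anonymous executable memory; they are usually combined with the other techniques named above, such as hashing and code-signing verification.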
Plugins: Behavioral Rootkit Detection
This plugin is responsible for identifying behaviors associated with rootkits, including hidden processes or threads.
What is a rootkit?
A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user). It often masks its own existence or the existence of other software.