Try CyberFOX Platforms for Free. 14-Day Free Trial

CyberFOX Solutions Blocker from AutoElevate Platform

Blocker - Better Than Blacklisting

Our Privileged Access Management (PAM) solution for MSPs and IT professionals allows you to remove local admin rights and secure end users without frustrating or slowing them down.

AutoElevate New Features PDF
Blocker Feature PDF
Just-in-Time Admin Login Feature PDF
About Blocker

What is Blocker?

An Innovative Approach to Blocklisting

We aren’t reinventing the blocklisting or allowlisting wheel here – just innovating it. Blocker is designed to help mitigate malicious actors/activity that may use programs that are natively on your networks to corrupt data, steal information or worse. 

Superior Control Without the Headache

When you’re trusted to secure your organization’s IT systems and infrastructure, you need reliable, easy-to-use solutions that fit seamlessly into your security stack. We developed our solutions to deliver all of that and more — along with unmatched customer support.

Comprehensive Recommendation List Based on Your Environment

Blocker curates a comprehensive list of recommended items and empowers you to choose what you want blocked from executing or allowed to operate.   Take control of what can operate within your environment. Easily define rules that allow specific parent processes to run child applications or processes while blocking others. 

Why Blocker?

Living Off the Land (LOTL) Attacks

LOTL attacks made up 71% of all attacks in 2022 (from the CrowdStrike 2023 Global Threat Report). Bad actors infiltrate networks and wreak havoc using legitimate components of the Windows Operating System, which often escape detection by traditional anti-malware applications.

Enhanced Security

Safeguard your organization against potential security breaches by blocking listed applications, binaries, and .dll files. These native Windows binaries are rarely used by end users directly, so blocking them won’t be too much of an impact on most typical business environments.

Minimized False Positives

Blocker’s curated list focuses explicitly on known attack vectors helping to ensure minimal disruption to your legitimate applications and operations.

Sign Up For Free Trial

Try out the complete solution to see for yourself how simple privileged access management software can be.

Sign Up Now

Blocker FAQ

How does Blocker differentiate itself from other security features in the market, and what specific threats does it aim to address?

The Blocker feature in CyberFOX AutoElevate can block 200+ native Windows applications, binaries, and .dll files that are typically used as LOTL attack vectors.
 
We rely primarily on sources like Microsoft, community projects (such as the LOLBAS project), and our own research to keep the product to date. That said, please note that Blocker is focused on “malware-free” aka “Living off the Land” attacks. These tend to exploit known applications and tools that have been in Windows for a very long time – a subset of which have been deprecated and only remain there for backwards compatibility.
 
It is not a separate product. Blocker is a new process blocking/allowing tool within CyberFOX AutoElevate.
 

CyberFOX AutoElevate and Blocker, are designed to be configured by system administrators and technical staff. That said, we do aim to make it as user friendly and easy to use as possible. Someone with limited technical knowledge should be able to configure Blocker when utilizing our recommendation engine after an appropriate audit period.

CyberFOX AutoElevate Blocker tool blocks at a process level.

Only new endpoints that you wish to utilize the Blocking feature on would need to be placed in Audit mode. This allows us to identify the applications, processes, and .dll’s being used on the machine so the recommendation engine can suggest rules that will reduce threat vectors.