Process Permit is a "skeleton" framework that lets third-party developers create rules for allowing or denying process creations on Windows NT-based operating systems. The framework can be integrated with local and remote rule sources, e.g. C:\Program Files\Product Name\Rules.DB or remote URLs such as https://www.RemoteHost.com/Rules.php. This gives the developer governing process creations complete, granular control over every process execution system-wide. A similar framework is used in one of our flagship products, EXE Radar Pro (ERP), and has been tested and proven over many years of development and wide public use. Process Permit gathers tons of useful process creation information, such as the process filename, process ID, MD5 hash, SHA1 hash, file description, company signing name (if signed), parent process name, parent process ID, etc., and exposes this "raw" data in a neatly organized structure for any application to control.
For Windows XP, Vista, 7, 8, 10 (32/64-bit)
Everything is event-driven and no polling of data is needed. The service application sends a secure IPC data message to the control application when a new process is created, then waits for the control application to determine whether the process creation should be allowed or disallowed. That decision is based on simple or complex (robust) rule sets that can be created easily from the collected data. Such technology is useful when developing anti-executable and/or HIPS software within the security industry. We've done the hard parts at the lowest level of the OS for you, so that developers can focus solely on the high-level rule creation aspects.
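The sketch below is an added illustration of the control-application side of that exchange, not Process Permit's API or code (the page does not show either). It assumes a hypothetical `ProcessEvent` record carrying fields the page lists, and hypothetical `Rule` and `decide` names; rules are evaluated first-match with a default of deny, and all sample values are constructed.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import Optional

@dataclass(frozen=True)
class ProcessEvent:              # hypothetical record; field names are assumptions
    path: str                    # full path of the new process image
    sha1: str                    # hex SHA1 of the image file
    signer: Optional[str]        # signing company name, None when unsigned
    parent_path: str             # full path of the parent process image

@dataclass(frozen=True)
class Rule:                      # hypothetical rule shape: all set conditions must hold
    action: str                  # "allow" or "deny"
    sha1: Optional[str] = None
    signer: Optional[str] = None
    path_glob: Optional[str] = None
    parent_glob: Optional[str] = None

    def matches(self, ev: ProcessEvent) -> bool:
        checks = []
        if self.sha1 is not None:
            checks.append(self.sha1.lower() == ev.sha1.lower())
        if self.signer is not None:
            # An unsigned file never satisfies a signer condition.
            checks.append(ev.signer is not None and ev.signer == self.signer)
        if self.path_glob is not None:
            # Windows paths are case-insensitive, so compare lowercased.
            checks.append(fnmatchcase(ev.path.lower(), self.path_glob.lower()))
        if self.parent_glob is not None:
            checks.append(fnmatchcase(ev.parent_path.lower(), self.parent_glob.lower()))
        # A rule with no conditions matches nothing, so it cannot allow everything.
        return bool(checks) and all(checks)

def decide(ev: ProcessEvent, rules) -> str:
    """First matching rule wins; anything unmatched is denied."""
    for rule in rules:
        if rule.matches(ev):
            return rule.action
    return "deny"

# Constructed rule set: deny rules go first so an allow-listed hash cannot override them.
RULES = [
    Rule("deny", path_glob=r"*\powershell.exe", parent_glob=r"*\winword.exe"),
    Rule("allow", sha1="a" * 40),
    # A path alone is weak evidence (files can be replaced), so pair it with the signer.
    Rule("allow", signer="Example Corp", path_glob=r"C:\Program Files\*"),
]
```

Because the default is deny, a signed binary outside the listed path, or an unsigned one inside it, is blocked until a rule explicitly covers it.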
An effective technology developed to do one thing: monitor process executions.
You get process filename, SHA1 hash, command-line, signer, parent process, etc.
The software uses SHA1 file hashes for processes and parent processes.
Built to support Fast User Switching, User Logons and User Logouts.
We detect Thread Local Storage (TLS) callbacks used to bypass process monitoring.
Our technology works on all versions of Windows, from XP to 10 FCU (x86 & x64).
Proven to be stable, robust and to work without conflicts with other security software.
Just think about how to use our technology, the difficult part is already done.
We maintain and update (if needed) the Windows service and the kernel-mode driver.
With this video we show you Process Permit in action, so you can see how it works and how lightweight it is.
Here are some screenshots of the application.
Version | 1.0 |
---|---|
Last Updated | November 11, 2017 |
Operating System | For Windows XP, Vista, 7, 8, 10 (32/64-bit) |
Category | Experimental Tools |
License Type | Commercial |
File Size | 2 MB |