CoreTrace Demonstrates How "Autopwn Browser" Exploit Is Thwarted by BOUNCER Application Whitelisting Solution

AUSTIN, TX -- (Marketwire) -- 11/03/10 -- CoreTrace®, the leading provider of application whitelisting solutions, today announced the first public demonstration of the newly announced BOUNCER Beatdown Challenge: a beatdown of the "Metasploit Autopwn Browser" exploit. The demonstration shows how the award-winning BOUNCER solution prevents the malware's multi-faceted ability to exploit vulnerabilities and take over a victim's computer. The Autopwn Browser challenge was made by a security manager in a large northeastern retail chain.

About the "Autopwn Browser" Exploit Beatdown
The CoreTrace demonstration shows how the Autopwn Browser exploit drops code on an unprotected system, takes inventory of everything running on the system and then scans for any known vulnerabilities before calculating the best way to exploit the system. The beatdown then occurs, as the exploit is stopped from uploading on a system protected by BOUNCER. As further proof of the protection, the video shows the BOUNCER Control Center displaying all the execution attempts that tried to take place on the protected system. The Autopwn Browser exploit video can be viewed at: http://www.coretraceblogs.com/2010-11/bouncer-beatdown-preventing-autopwn-browser-exploit-from-discovering-computers-weaknesses/

About the "BOUNCER Beatdown" Challenge
The BOUNCER Beatdown Challenge, announced last month, invites IT and security professionals to challenge CoreTrace's application whitelisting product, BOUNCER, to publicly stop their recommended malware attack.

With the BOUNCER Beatdown Challenge, IT and security professionals can easily ask CoreTrace to publicly prove BOUNCER's effectiveness by recommending a specific threat via a simple form found at www.coretrace.com. For the most requested, popular or nefarious threats, CoreTrace will record the live attack and then show how BOUNCER provides full security protection.

Based on earlier requests, CoreTrace has already demonstrated its effectiveness on two other well-publicized attacks this summer:

• On June 26th, 2010, BOUNCER beat down the now-infamous Stuxnet.
• On August 26th, 2010, BOUNCER beat down DLL Hijacking attempts.

Helpful Links

• "BOUNCER Beatdown" Challenge
• BOUNCER 6.0
• BOUNCER 6.0 Review Video
• CoreTrace YouTube Channel
• CoreTrace on Twitter

About CoreTrace
CoreTrace® is the leading provider of application whitelisting-based solutions. The company's award-winning and patented BOUNCER solution is at the forefront of the movement to improve security and endpoint performance by combining application whitelisting for real-time malware prevention and cloud-based blacklists for detection and reporting. Unlike other application whitelisting solutions that are simply lockdown technologies, BOUNCER's "Trusted Change" capability enables IT professionals to predefine multiple sources from which users can safely install applications and have them automatically added to the whitelist -- all with minimal IT involvement. The result: full prevention of unauthorized applications, improved overall security, and lower total cost of ownership. CoreTrace's customers include organizations in a wide variety of industries, such as energy, oil and gas, retail, financial services, telecommunications, as well as government agencies.

For more information, visit the CoreTrace website or follow the conversation at WhiteSpace, the application whitelisting and security weblog.