Application Execution Prevention: How this one feature stops malware in its tracks

Malware is a constantly evolving threat that can cost organizations millions, and severely damage reputations with customers. By far the most common vector for malicious actors to access corporate data is through the endpoint. What are the most common ways malware can infect an endpoint, and What can ThinScale do to prevent malware entirely?

Sources of Malware in corporate environments

Downloaded from an email or an unsafe website

Malicious actors can easily be introduced to endpoints through unsafe email attachments or downloaded in unrestricted browsing sessions. These malicious actors can distribute and even execute DDOS attacks, Ransomware attacks, File destruction, Keyloggers, and more.

Uploaded from a phone/USB connection

Another common way malware is introduced is via insertable media or devices. Sometimes this is malicious and a common method of data leakage, some people will pay individuals to upload their keylogger into corporate machines. Others can be accidental, for example, malware on a mobile phone that sits idle, but will become active on a computer when the employee connects the device.

Pre-existing on personal machines

Sometimes Malware can be lying unnoticed on personal computers. This is particularly dangerous in BYOD scenarios as a simple piece of keylogging malware can steal login credentials to corporate resources or company and customer data.

How AEP prevents this

Application execution prevention (AEP) stops unwanted applications in their tracks. Detecting any processes that attempt to run and checking them against an IT-curated white/blocklist – ensures that only verified, work-essential applications ns can function. This not only defends against applications being introduced to the environment but also against pre-existing malware. As seen in this video below, malware is unable to function due to ThinScale’s AEP feature. Through AEP companies are able to realize their Zero-Trust endpoint strategy that much easier, as it follows the least privilege security model, as well as the assumed breach process.


It is important for organizations to constantly evolve their security approach to combat modern malware. As can be seen, malicious actors can infect endpoints in a multitude of ways. ThinScale prevents this with AEP, stopping any and all unapproved processes from running on the device.

Ready to see it in action?