The core foundational pillar of the Stormshield Endpoint Security (SES) Next Generation Endpoint Protection is the capability to monitor memory to identify and stop malware that has slipped past other protection layers by using Memory Intrusion Prevention System technology (MIPS). This SES MIPS protection operates without any reliance on signatures or similar “looking back” detection methods. SES MIPS detects the most sophisticated techniques used by attackers (examples include heap spraying, stack overflow, heap overflow, integer overflow and Ret-to-LibC) even if they have never been seen before – unknown. SES MIPS uses a set of security layers that work against attempts to compromise the computer system – detection of exploited vulnerabilities (e.g., corruption of the memory in order to execute malicious code), detection of malware installed on the computer, detection of malicious actions and all other known attack methods. An example of an attack that is a litmus test for any NGEPP solution is fileless malware - how do they stop a fileless malware attack? SES MIPS provides this protection and can identify and stop fileless malware that has never been seen before.