Via the Internet, individuals and organizations with malicious intent develop software that damage computer systems and/or are used to steal the personal information of users (including individual users or entities such as companies). Such malicious software, or malware, often exploits code vulnerabilities and/or gets installed onto users' computer systems by tricking users into taking some action.
One way to protect against malware is via anti-malware software. Contemporary anti-malware software uses a variety of mechanisms to catch and quarantine malware. In most instances, signatures, behavior monitoring, and filter drivers are used to protect users from software that would otherwise damage the computer.
Contemporary anti-malware technology has led to a cycle in which the malware authors try to outsmart the anti-malware developers, and vice-versa. Sometimes the malware authors win, at least for awhile, because protection against an exploit has not yet been discovered. There are also cases where the user simply has not updated his or her machine to detect the latest malware, sometimes because the user is careless or not computer-savvy.
Other times users prefer to not burden their machines by running an antimalware product, at least not to its full capability. More particularly, many end-users complain that any anti-malware application is intrusive, creates performance bottlenecks, takes up application CPU cycles, and sometimes locks up certain files from use. As a result, it is a well-known fact that end-users end up excluding certain processes, folders, and/or file types from real-time anti-malware scanning.
What is needed is another way to protect users from malware. This includes users who are intentionally not fully compliant from a security standpoint, as well as users who naïvely click on or otherwise take action to install infected executables without realizing the consequences of their actions.