Intrusion Prevention

Any access by the application not covered by security policy is denied and causes alert.
Prevents damage by denying access.
Provides intrusion detection by alerting policy violations.

Finding good policy is difficult.
Systrace provides Interactive Policy Generation.
Access not covered by policy creates interactive alert that allows user to redefine security policy if necessary.
Interactive alert has caught trojaned software already!

Security policy can be enforced without modifying application.
Legacy applications can be secured without rewriting them.