It offers:
- startup control of executables, termination of processes and or threads,
- startup of a remote thread,
- system shutdown
- control access to libaries, loading of drivers,
- access to physical memory
- low level data access
- install a global hook
- installation of drivers or services
- keylogger protection
- registry protection
- file protection
When startup control of executables is enabled it also offers parent - child control via pop-ups at first start of a process.
In short it offers both event centric control (like behavioral blockers) and application faced control (like classical HIPS as SSM and ProSecurity).