CrystalAEP is designed to provide front-line protection against Internet-borne threats such as viruses and malware. Unlike the typical anti-virus program, Crystal does not attempt to recognize threats based on signatures, and does not require constant updating to protect against the latest threats. Crystal works instead by manipulating at-risk software while it runs to help form an environment which is hostile to Internet worms, malware and other types of malicious code. As CrystalAEP does not require signatures to be effective, instead seeking to undermine the launch mechanisms employed by malicious code to install itself on a user's system, Crystal can be effective against the most novel threats right from day one.
CrystalAEP operates by running within every instance of a protected program (for example the web browser), performing checks at key points within the program's life-time in an attempt to ensure that it is not under attack. Crystal also alters the behaviour of protected programs to render them more difficult targets for malicious software seeking to be installed on a user's system - if the vulnerable program malware is targeting is in an unknown and constantly changing state many traditional methods for exploiting flaws within the software are made significantly more difficult.
The software is designed first and foremost to protect against so called "drive-by download" exploits, in which an unsuspecting user visits a website which attempts to trigger a software vulnerability within an application the user has legitimately installed to force the silent installation of malicious software. While CrystalAEP is effective in blocking attacks which originate without user interaction, Crystal is not able to prevent users from being tricked into consciously downloading and installing malicious software and therefore is best used in tandem with an anti-virus program by less experienced computer users.