The remote exploit is a common way used by attackers to get control of hosts, and it is considered one of the major threats of cybersecurity. Nowadays, the increasing number of vulnerabilities and advanced exploit techniques makes it harder to deploy effective countermeasures. The current countermeasures suffer from one or more of these disadvantages: 1) ineffective, 2) high overhead, and 3) unpractical for deployment. Therefore, a new method, which overcomes these disadvantages, for exploit containment is in critical demand. In this paper, we propose Event-Based Filter (EBF), a light-weighted and novel way to contain the exploit. EBF promptly filters out the exploit and terminates it. We present PsEBF, as a prototypic implementation of EBF, to prove our concept. PsEBF can filter process events and contain the exploit rapidly. Experiment on exploit test and performance shows that PsEBF is effective, efficient, and practical for deployment