Apex One Vulnerability Protection has been designed to be a simplified solution for new and emerging vulnerabilities by minimizing administration and deployment efforts.
The predefined rules in Apex One Vulnerability Protection have been fine-tuned and reviewed in our labs to work together with other Apex One features to maximize protection against these threats.
Examples:
Name | CVE Description | Apex One VP |
---|---|---|
CVE-2020-0674: Scripting Engine Memory Corruption Vulnerability | This is a known browser vulnerability and is treated as “in the wild”. | No rule needs to be created for this vulnerability because it is covered by Browser Exploit Solution, a component of Web Reputation. Browser Exploit Solution is a heuristic engine that detects browser vulnerabilities found “in the wild”. |
CVE-2017-8759: .NET Framework Remote Code Execution Vulnerability | This vulnerability involves a drive-by download, triggered by opening a malicious file or application for browser preview or at user time of click. | This does not need to be covered by Apex One Vulnerability Protection because it should be detected by the Advanced Threat Scan Engine, which is part of Real-time Scan. The action taken on this vulnerability depends on the settings configured by administrators. |
CVE-2020-0601: Microsoft Windows CryptoAPI Spoofing Vulnerability | An attacker could exploit this vulnerability by using a spoofed certificate to sign a malicious executable so that it looks legitimate. This can then be used to conduct man-in-the-middle attacks. | A rule has been created for this vulnerability because a proof of concept is available, which makes the vulnerability easy to exploit. |
In summary, Apex One Vulnerability Protection is part of the multi-layer approach of the Apex One agent, which includes Machine Learning, Behavior Monitoring, Browser Exploit Solution, Web Reputation and Real-time Scan, and so provides the most effective technology and rules to maximize endpoint protection.