	Feature	Module	SaaS	On-Premise
Prevention / Blocking	Web Reputation Service	Anti-Malware	✔	✔	✔	✔
Anti-Malware	Anti-Malware	✘	✔	✘	✔
Pre-Execution Machine Learning	Anti-Malware	✔	✔	✔	✔
Behavior Monitoring	Anti-Malware	✘	✔	✘	✔
Attack Discovery (IOA)	Endpoint Sensor	✔	✔	✔	✔
Anti-Exploit	Anti-Malware	✘	✔	✘	✔
Runtime Machine Learning	Anti-Malware	✘	✔	✘	✔
Firewall	Anti-Malware	✘	✔	✘	✔
Device Control	Anti-Malware	✘	✔	✘	✔
Data Loss Prevention	Anti-Malware	✘	✔	✘	✔
Application Control	Application Control	✔	✔	✔	✔
VASO - IP, URL, DNS, File	Anti-Malware	✔¹	✔	✔¹	✔
VASO - IP, URL, DNS, File	Anti-Malware	✔¹	✔	✔¹	✔
UDSO - SHA1	Application Control	✔	✔	✔	✔
Virtual Patch	Virtual Patch	Vulnerability Protection	✔	✔	✔	✔
Sample Submission	Sample Submission	Anti-Malware	✔²	✔	✔²	✔
Detection	Attack Discovery (IOC)	Endpoint Sensor	✔	✔	✔	✔
Generate Root Cause Chain	Endpoint Sensor	✔	✔	✔	✔
Response	Network Isolation (via Root Cause Chain)	Anti-Malware	✔	✔	✔	✔
Application Ban (via Root Cause Chain)	Application Control	✔	✔	✔	✔
Process Termination (via Root Cause Chain)	Endpoint Sensor	✔	✔	✔	✔
Add to UDSO - IP, DNS, SHA1 (via Root Cause Chain)	Root Cause Chain	✔	✔	✔	✔
Sweeping (IOC, YARA, STIX)	Endpoint Sensor	✔	✔	✔	✔

Feature

Module

SaaS

On-Premise

Co-Exist

Exclusive

Co-Exist

Exclusive

Prevention / Blocking

Web Reputation Service

Anti-Malware

✔

Anti-Malware

✘

✔

✘

✔

Pre-Execution Machine Learning

Anti-Malware

✔

Behavior Monitoring

Anti-Malware

✘

✔

✘

✔

Attack Discovery (IOA)

Endpoint Sensor

✔

Anti-Exploit

Anti-Malware

✘

✔

✘

✔

Runtime Machine Learning

Anti-Malware

✘

✔

✘

✔

Firewall

Anti-Malware

✘

✔

✘

✔

Device Control

Anti-Malware

✘

✔

✘

✔

Data Loss Prevention

Anti-Malware

✘

✔

✘

✔

Application Control

✔

VASO - IP, URL, DNS, File

Anti-Malware

✔¹

✔

✔¹

✔

VASO - IP, URL, DNS, File

Anti-Malware

✔¹

✔

✔¹

✔

UDSO - SHA1

Application Control

✔

Virtual Patch

Virtual Patch

Vulnerability Protection

✔

Sample Submission

Sample Submission

Anti-Malware

✔²

✔

✔²

✔

Detection

Attack Discovery (IOC)

Endpoint Sensor

✔

Generate Root Cause Chain

Endpoint Sensor

✔

Response

Network Isolation (via Root Cause Chain)

Anti-Malware

✔

Application Ban (via Root Cause Chain)

Application Control

✔

Process Termination (via Root Cause Chain)

Endpoint Sensor

✔

Add to UDSO - IP, DNS, SHA1 (via Root Cause Chain)

Root Cause Chain

✔

Sweeping (IOC, YARA, STIX)

Endpoint Sensor

✔

Endpoint Sensor Captured Events	Apex One Disabled Advanced Protection Service	Apex One (On-Prem and SaaS)
File	✘¹	✔	✔
Process	✘¹	✔	✔
Registry	✔	✔	✔
Account	✘	✔	✔
IP/Port	✘	✔	✔
DNS	✘	✔	✔
Memory	✘	✔	✔
Injection	✘	✔	✔
Signature	✘	✔	✔
Internet	✘	✔	✔
AMSI	✘	✘	✔

Endpoint Sensor
Captured Events

Apex One Disabled
Advanced Protection Service

Apex One
(On-Prem and SaaS)

Co-Exist

Exclusive

File

✘¹

✔

Process

✘¹

✔

Registry

✔

Account

✘

✔

IP/Port

✘

✔

DNS

✘

✔

Memory

✘

✔

Injection

✘

✔

Signature

✘

✔

Internet

✘

✔

AMSI

✘

✔

Comparison of Apex One family features

Product / Version includes:

Apex One as a Service All , Apex One All

Last updated: 2025/02/06

Solution ID: KA-0010476

Category: Configure

Summary

This article compares the features of the Apex One family, which includes:

Apex One On-Premise
Apex One as a Service

The following table provides a comparison of features for Co-Exist and Exclusive in the Apex family.

	Feature	Module	SaaS		On-Premise
	Feature	Module	Co-Exist	Exclusive	Co-Exist	Exclusive
Prevention / Blocking	Web Reputation Service	Anti-Malware	✔	✔	✔	✔
	Anti-Malware	Anti-Malware	✘	✔	✘	✔
	Pre-Execution Machine Learning	Anti-Malware	✔	✔	✔	✔
	Behavior Monitoring	Anti-Malware	✘	✔	✘	✔
	Attack Discovery (IOA)	Endpoint Sensor	✔	✔	✔	✔
	Anti-Exploit	Anti-Malware	✘	✔	✘	✔
	Runtime Machine Learning	Anti-Malware	✘	✔	✘	✔
	Firewall	Anti-Malware	✘	✔	✘	✔
	Device Control	Anti-Malware	✘	✔	✘	✔
	Data Loss Prevention	Anti-Malware	✘	✔	✘	✔
	Application Control	Application Control	✔	✔	✔	✔
	VASO - IP, URL, DNS, File	Anti-Malware	✔¹	✔	✔¹	✔
	VASO - IP, URL, DNS, File	Anti-Malware	✔¹	✔	✔¹	✔
	UDSO - SHA1	Application Control	✔	✔	✔	✔
Virtual Patch	Virtual Patch	Vulnerability Protection	✔	✔	✔	✔
Sample Submission	Sample Submission	Anti-Malware	✔²	✔	✔²	✔
Detection	Attack Discovery (IOC)	Endpoint Sensor	✔	✔	✔	✔
Detection	Generate Root Cause Chain	Endpoint Sensor	✔	✔	✔	✔
Response	Network Isolation (via Root Cause Chain)	Anti-Malware	✔	✔	✔	✔
	Application Ban (via Root Cause Chain)	Application Control	✔	✔	✔	✔
	Process Termination (via Root Cause Chain)	Endpoint Sensor	✔	✔	✔	✔
	Add to UDSO - IP, DNS, SHA1 (via Root Cause Chain)	Root Cause Chain	✔	✔	✔	✔
	Sweeping (IOC, YARA, STIX)	Endpoint Sensor	✔	✔	✔	✔

¹ Only supports SO-URL
² Only supports USB Autorun

The following table provides a comparison of the EDR events between specific Apex One features that have been disabled and Apex One.

Endpoint Sensor Captured Events	Apex One Disabled Advanced Protection Service	Apex One (On-Prem and SaaS)
Endpoint Sensor Captured Events	Apex One Disabled Advanced Protection Service	Co-Exist	Exclusive
File	✘¹	✔	✔
Process	✘¹	✔	✔
Registry	✔	✔	✔
Account	✘	✔	✔
IP/Port	✘	✔	✔
DNS	✘	✔	✔
Memory	✘	✔	✔
Injection	✘	✔	✔
Signature	✘	✔	✔
Internet	✘	✔	✔
AMSI	✘	✘	✔

¹ Endpoint Sensor can only record partial events

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Comparison of Apex One family features

Comparison of Apex One family features

Product / Version includes:

Summary