Risk
2/20/2013
12:40 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Trusteer Apex Protects Enterprise Endpoint Apps With Exploit Prevention Technology

Product prevents the exploitation of zero-day or unpatched application vulnerabilities

BOSTON, February 19, 2013 – Trusteer, the leading provider of endpoint cybercrime prevention solutions today announced the availability of Trusteer Apex to protect enterprises against advanced malware attacks and data breaches. Trusteer Apex prevents the biggest security problem facing organizations today: the exploitation of zero-day or unpatched application vulnerabilities in widely deployed endpoint applications, such as web browsers, Adobe Acrobat, Flash, Java and Microsoft Office. The product stops advanced targeted attacks and APTs that are initiated using malicious Web pages, spear-phishing emails, and weaponized documents to exploit these vulnerabilities, compromise employee endpoints with malware and establish a footprint inside the corporate network.

Trusteer Apex monitors the execution of endpoint applications that process external content. By applying deep application knowledge, Trusteer Apex is capable of associating operations (what the application is doing) with context (why is it doing that). For example, the product can detect that Internet Explorer is legitimately writing a new executable file to the file system as a result of a code update operation. However, Trusteer Apex will automatically terminate an application exploitation process by stopping applications from performing out-of-context operations.

The blacklisting technologies that are included in leading endpoint protection suites continue to fall short and cyber criminals are constantly changing their tactics to evade detection by these controls. Meanwhile, application whitelisting solutions, which address evasion by allowing only known-good software to run, have proven very difficult to manage. Due to this complexity, large enterprises are failing to widely deploy these solutions to all endpoints and leaving themselves vulnerable to malware infections.

Over the last seven years, Trusteer has helped more than 300 financial institutions worldwide protect their corporate and retail customers against the most sophisticated and evasive malware attacks. During this period, Trusteer acquired unique expertise by monitoring behaviors of endpoint applications and has applied this knowledge to develop Trusteer Apex. Many Trusteer customers already protect tens of thousands of their employees against advanced threats using Trusteer Apex technology.

“Advanced malware protection continues to be a losing battle for enterprises because malware is constantly evolving to evade detection. Current security controls require constant care that enterprises simply cannot afford,” said Mickey Boodaei, CEO, Trusteer. “With Trusteer Apex, enterprises can protect themselves against exploitation of the constant flurry of application vulnerabilities and stop data exfiltration with zero management effort.”

Trusteer Apex includes the following capabilities:

· Application Exploit Prevention: Trusteer Apex blocks malicious code embedded in Web pages and business documents from exploiting zero-day or unpatched vulnerabilities in client applications and installing malware on the endpoint.

· Data Exfiltration Prevention: Trusteer Apex restricts untrusted files from executing sensitive operations that are potentially malicious. For example, tampering with other application processes to hide communication traffic to a command and control center. Untrusted files are sent to Trusteer for analysis and are either approved or removed from the endpoint.

· Ease of Deployment and Automated Management: Trusteer Apex can be deployed within days, over tens of thousands of endpoints, both managed and unmanaged, and is specifically designed to support large and complex environments. No learning period is required and no initial or ongoing configuration is necessary.

For more information about Trusteer Apex, please go to http://www.trusteer.com/Products/trusteer-apex.

Join us for the Trusteer Apex exclusive launch event on February 27th, 2013 11:30am PST at the St. Regis Hotel, San Francisco, California.

Click to Tweet: .@Trusteer Apex ushers new era of enterprise endpoint #ITsecurity http://bit.ly/TcC3Bd

About Trusteer

Boston-based Trusteer is the leading provider of endpoint cybercrime prevention solutions that protect organizations against financial losses and data breaches. Hundreds of organizations and millions of end users rely on Trusteer to protect managed and unmanaged endpoints against exploitation and compromise by online threats that are invisible to legacy security solutions. Global organizations such as HSBC, Santander, The Royal Bank of Scotland, SunTrust and Fifth Third are among Trusteer’s customers. www.trusteer.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7407
Published: 2014-10-22
Cross-site request forgery (CSRF) vulnerability in the MRBS module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2014-3675
Published: 2014-10-22
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet.

CVE-2014-3676
Published: 2014-10-22
Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option."

CVE-2014-3677
Published: 2014-10-22
Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.

CVE-2014-3828
Published: 2014-10-22
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 allow remote attackers to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid parameter to views/graphs/GetXmlTree.php, (3) the session_id...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.