Risk
2/20/2013
12:40 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Trusteer Apex Protects Enterprise Endpoint Apps With Exploit Prevention Technology

Product prevents the exploitation of zero-day or unpatched application vulnerabilities

BOSTON, February 19, 2013 – Trusteer, the leading provider of endpoint cybercrime prevention solutions today announced the availability of Trusteer Apex to protect enterprises against advanced malware attacks and data breaches. Trusteer Apex prevents the biggest security problem facing organizations today: the exploitation of zero-day or unpatched application vulnerabilities in widely deployed endpoint applications, such as web browsers, Adobe Acrobat, Flash, Java and Microsoft Office. The product stops advanced targeted attacks and APTs that are initiated using malicious Web pages, spear-phishing emails, and weaponized documents to exploit these vulnerabilities, compromise employee endpoints with malware and establish a footprint inside the corporate network.

Trusteer Apex monitors the execution of endpoint applications that process external content. By applying deep application knowledge, Trusteer Apex is capable of associating operations (what the application is doing) with context (why is it doing that). For example, the product can detect that Internet Explorer is legitimately writing a new executable file to the file system as a result of a code update operation. However, Trusteer Apex will automatically terminate an application exploitation process by stopping applications from performing out-of-context operations.

The blacklisting technologies that are included in leading endpoint protection suites continue to fall short and cyber criminals are constantly changing their tactics to evade detection by these controls. Meanwhile, application whitelisting solutions, which address evasion by allowing only known-good software to run, have proven very difficult to manage. Due to this complexity, large enterprises are failing to widely deploy these solutions to all endpoints and leaving themselves vulnerable to malware infections.

Over the last seven years, Trusteer has helped more than 300 financial institutions worldwide protect their corporate and retail customers against the most sophisticated and evasive malware attacks. During this period, Trusteer acquired unique expertise by monitoring behaviors of endpoint applications and has applied this knowledge to develop Trusteer Apex. Many Trusteer customers already protect tens of thousands of their employees against advanced threats using Trusteer Apex technology.

“Advanced malware protection continues to be a losing battle for enterprises because malware is constantly evolving to evade detection. Current security controls require constant care that enterprises simply cannot afford,” said Mickey Boodaei, CEO, Trusteer. “With Trusteer Apex, enterprises can protect themselves against exploitation of the constant flurry of application vulnerabilities and stop data exfiltration with zero management effort.”

Trusteer Apex includes the following capabilities:

· Application Exploit Prevention: Trusteer Apex blocks malicious code embedded in Web pages and business documents from exploiting zero-day or unpatched vulnerabilities in client applications and installing malware on the endpoint.

· Data Exfiltration Prevention: Trusteer Apex restricts untrusted files from executing sensitive operations that are potentially malicious. For example, tampering with other application processes to hide communication traffic to a command and control center. Untrusted files are sent to Trusteer for analysis and are either approved or removed from the endpoint.

· Ease of Deployment and Automated Management: Trusteer Apex can be deployed within days, over tens of thousands of endpoints, both managed and unmanaged, and is specifically designed to support large and complex environments. No learning period is required and no initial or ongoing configuration is necessary.

For more information about Trusteer Apex, please go to http://www.trusteer.com/Products/trusteer-apex.

Join us for the Trusteer Apex exclusive launch event on February 27th, 2013 11:30am PST at the St. Regis Hotel, San Francisco, California.

Click to Tweet: .@Trusteer Apex ushers new era of enterprise endpoint #ITsecurity http://bit.ly/TcC3Bd

About Trusteer

Boston-based Trusteer is the leading provider of endpoint cybercrime prevention solutions that protect organizations against financial losses and data breaches. Hundreds of organizations and millions of end users rely on Trusteer to protect managed and unmanaged endpoints against exploitation and compromise by online threats that are invisible to legacy security solutions. Global organizations such as HSBC, Santander, The Royal Bank of Scotland, SunTrust and Fifth Third are among Trusteer’s customers. www.trusteer.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7830
Published: 2014-11-24
Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse cap...

CVE-2014-7831
Published: 2014-11-24
lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not consider the moodle/grade:viewhidden capability before displaying hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role to access the get_grades web service.

CVE-2014-7832
Published: 2014-11-24
mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 performs access control at the course level rather than at the activity level, which allows remote authenticated users to bypass the mod/lti:view capability requirement by vi...

CVE-2014-7833
Published: 2014-11-24
mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 sets a certain group ID to zero upon a database-entry change, which allows remote authenticated users to obtain sensitive information by accessing the database after an edit by a teacher.

CVE-2014-7834
Published: 2014-11-24
mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forum_get_discussions web service.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?