Risk
2/20/2013
12:40 PM
Dark Reading
Products and Releases

Trusteer Apex Protects Enterprise Endpoint Apps With Exploit Prevention Technology

Product prevents the exploitation of zero-day or unpatched application vulnerabilities

BOSTON, February 19, 2013 – Trusteer, the leading provider of endpoint cybercrime prevention solutions, today announced the availability of Trusteer Apex to protect enterprises against advanced malware attacks and data breaches. Trusteer Apex prevents the biggest security problem facing organizations today: the exploitation of zero-day or unpatched application vulnerabilities in widely deployed endpoint applications, such as web browsers, Adobe Acrobat, Flash, Java and Microsoft Office. The product stops advanced targeted attacks and APTs that are initiated using malicious Web pages, spear-phishing emails, and weaponized documents to exploit these vulnerabilities, compromise employee endpoints with malware and establish a footprint inside the corporate network.

Trusteer Apex monitors the execution of endpoint applications that process external content. By applying deep application knowledge, Trusteer Apex is capable of associating operations (what the application is doing) with context (why it is doing that). For example, the product can detect that Internet Explorer is legitimately writing a new executable file to the file system as a result of a code update operation. However, Trusteer Apex will automatically terminate an application exploitation process by stopping applications from performing out-of-context operations.

The blacklisting technologies that are included in leading endpoint protection suites continue to fall short and cyber criminals are constantly changing their tactics to evade detection by these controls. Meanwhile, application whitelisting solutions, which address evasion by allowing only known-good software to run, have proven very difficult to manage. Due to this complexity, large enterprises are failing to widely deploy these solutions to all endpoints and leaving themselves vulnerable to malware infections.

Over the last seven years, Trusteer has helped more than 300 financial institutions worldwide protect their corporate and retail customers against the most sophisticated and evasive malware attacks. During this period, Trusteer acquired unique expertise by monitoring behaviors of endpoint applications and has applied this knowledge to develop Trusteer Apex. Many Trusteer customers already protect tens of thousands of their employees against advanced threats using Trusteer Apex technology.

“Advanced malware protection continues to be a losing battle for enterprises because malware is constantly evolving to evade detection. Current security controls require constant care that enterprises simply cannot afford,” said Mickey Boodaei, CEO, Trusteer. “With Trusteer Apex, enterprises can protect themselves against exploitation of the constant flurry of application vulnerabilities and stop data exfiltration with zero management effort.”

Trusteer Apex includes the following capabilities:

· Application Exploit Prevention: Trusteer Apex blocks malicious code embedded in Web pages and business documents from exploiting zero-day or unpatched vulnerabilities in client applications and installing malware on the endpoint.

· Data Exfiltration Prevention: Trusteer Apex restricts untrusted files from executing sensitive operations that are potentially malicious, for example tampering with other application processes to hide communication traffic to a command and control center. Untrusted files are sent to Trusteer for analysis and are either approved or removed from the endpoint.

· Ease of Deployment and Automated Management: Trusteer Apex can be deployed within days, over tens of thousands of endpoints, both managed and unmanaged, and is specifically designed to support large and complex environments. No learning period is required and no initial or ongoing configuration is necessary.

For more information about Trusteer Apex, please go to http://www.trusteer.com/Products/trusteer-apex.

Join us for the Trusteer Apex exclusive launch event on February 27th, 2013 11:30am PST at the St. Regis Hotel, San Francisco, California.

About Trusteer

Boston-based Trusteer is the leading provider of endpoint cybercrime prevention solutions that protect organizations against financial losses and data breaches. Hundreds of organizations and millions of end users rely on Trusteer to protect managed and unmanaged endpoints against exploitation and compromise by online threats that are invisible to legacy security solutions. Global organizations such as HSBC, Santander, The Royal Bank of Scotland, SunTrust and Fifth Third are among Trusteer’s customers. www.trusteer.com.
