Vulnerability Anti.doteT The End to Patch Management Headaches
The new generation of sophisticated malware, including Spyware, viruses, worms, Trojans and blended threats, exploit vulnerabilities (i.e., software flaws, security holes) in standard software to deliver payloads that cause major damage to enterprises' business operations. Carnegie Mellon University's CERT Coordination Center states that the number of vulnerabilities each year has been doubling since 1998. Gartner reports that over 90% of the security exploits are carried out through vulnerabilities for which there are known patches. (Lynda McGhie, Secure Business Quarterly) .
Remember the Mimail worm that wreaked havoc worldwide in August 2003? It was exploiting an Internet Explorer vulnerability, published in August 2002, for which Microsoft released a patch in April 2003. Mimail attacked four months after the patch's release and a full 12 months after proof-of-concept!
Finjan's breakthrough Vulnerability Anti.dote technology represents an optimal balance between powerful proactive web security and minimal patch management overhead. Based on Finjan's knowledge of new software vulnerabilities, Finjan's security experts create behavioral rules that enable the Vulnerability Anti.dote scanning engines to identify and block content that tries to exploit one or more vulnerabilities. This enables you to immunize all desktops from vulnerabilities without having to constantly roll out emergency patches, reducing the resources required for patch management. It also allows you to benefit from Finjan's early discovery of new software vulnerabilities.
Proactive Protection Against Known Vulnerabilities
Key Highlights
Protects you before the next virus/exploit outbreak, based on known vulnerabilities in any mainstream software system (e.g., Microsoft, Netscape)
Frees you of the need to worry about frequent patches
Virtually eliminates false positives for optimal transparency and user productivity
Breakthrough technology blocks any potential attack based on the known vulnerability as well as its variants
Utilizes extensive database of known and newly discovered vulnerabilities, constantly updated by Finjan's Malicious Code Research Center (MCRC)
Automatic update mechanism ("virtual patches") for new vulnerabilities, including "hot updates" pushed out by Finjan as required
Optimal balance between proactive behavior-based security and minimal management costs
Vulnerability Anti.dote security scanning utilizes a multi-layered rule-based engine that can "understand" HTML, scripts and other programmatical components that make up HTTP-based content, at a level similar to compiler analysis. Finjan's MCRC experts create detailed rules that capture the essence of the various possible vulnerabilities in browser and email applications, Windows operating system and services, and other applications that can be accessed by active content such as FTP, Windows Media Player, etc. Based on these behavioral rules, Finjan's scanners detect any attempt to exploit one or more vulnerabilities and block such content from entering your network.
Ease of Management
Vulnerabilities are logically arranged into categories, for ease of management. Vulnerability Anti.dote is managed using the unified, web-based Vital SecurityT management console.
Management of Vulnerability Anti.doteT Categories
Complete Protection Against the Most Dangerous Types of Malware Attacks
Vulnerability Anti.dote provides Day-Zero protection against known vulnerabilities in mainstream operating systems and applications that could be exploited by unknown viruses, spyware and other dangerous forms of malware. Vulnerability Anti.dote proactively protects against spoofing attacks, phishing attacks, denial of service attacks, silent "drive-by" installations of spyware, and remote code execution attacks, among others.
