Exploits Explained Document

This document covers some of the core exploit mitigation methods available in Intercept X. It is a good brief and comparison between Intercept X and other vendors.

Note this does not cover all of the good tech we have, like RCA, Cryptoguard, Web Protect and more, but if you want to know more about exploits it is a great place to start.

 

  • Hi Fabio, The way Intercept X addresses vulnerabilities may be different than most vendors. Instead of identifying a vulnerability and placing a block or patch on the system for a given software component, Intercept X is looking to prevent the techniques that are used to take advantage of the vulnerabilities. By addressing the methods that adversaries use we can stop them from performing a stack pivot, heap spray or a number of other techniques. What this does is allow us to prevent these types of attacks without having to have prior knowledge of a vulnerability. The good thing is this protects software from attack even when the vulnerability is not yet known by the software manufacturer and is a zero-day. The drawback to this approach is that we do not maintain a list of CVEs that we guard against. We are not patching the vulnerability or preventing it from being triggered, we are instead looking for the act of exploitation of software.

    The question on the XG Firewall and how it mitigates CVEs will have to be taken up by the XGFW forum, but the answer to the question of would we have multiple layers of protection with an XG FW and Intercept X is YES, you would have multiple layers of protection. The XGFW may be preventing the attack by observing the network traffic and the endpoint is preventing the attack by detecting the exploit technique in use.
