Endpoint Security Blog

pwadia | 16 Oct 2012 | 0 comments

In the third Symantec Cyber Security Challenges, more than a hundred seasoned hackers and security professionals came out to Washington University in St. Louis on 9.12.2012.  The “challenge” included an exciting cyber “Capture the Flag” simulation and the chance to win $20,000.  The hackers were presented with a challenge to gain access to key data on two systems (Linux and Windows) with confidential information.  The Linux system was simulating a nuclear power plant portal and the Windows system was simulating a portal for the missile defense system. The objective was to get past the security of the two systems, obtain login passwords, and gain access to confidential information. The confidential data was protected with varying degrees of security.


After 5 hours, 10 out of 16 flags were captured but no one was successful in capturing the main flag. The main flag, on an unpatched Windows 2003 Server, was protected by...

pwadia | 28 Sep 2012 | 6 comments

Organizations utilize Symantec Critical System Protection to secure their physical and virtual data centers. Through a combination of host-based intrusion detection (HIDS), and intrusion prevention (HIPS), it allows organizations to proactively safeguard heterogeneous server environments and the information they contain. Unlike other technologies, Symantec Critical System Protection’s granular policy-based controls provide comprehensive protection for VMware vSphere, protection against multiple threat vectors including zero-day and targeted attacks, and real-time visibility and control into compliance.  With the latest release, Symantec Critical System Protection 5.2.9, a deeper integration with VMware and ease-of-use enhancements enable organizations to protect against risks targeted at virtualized environments. With the new release of Symantec Critical System Protection 5.2.9, organizations can:

  • Protect and Monitor VMware...

colingibbens | 13 Aug 2012 | 8 comments


Another year, another exciting Black Hat Conference.  For the second consecutive year, Symantec challenged conference attendees to “Capture the Flag.”  While Symantec ran several smaller contests, the main event was run by placing a flag on an unpatched Windows 2003 server running several vulnerable applications, protected by Symantec solutions.  After two days of attempts by more than 50 skilled hackers, the Symantec protected systems remained hack-proof.

So what prevented some of the best in the world from prevailing?  Symantec Critical System Protection and Symantec Endpoint Protection.

  • Symantec Critical System Protection secured the system by sandboxing the OS and applications. The attacks, known or unknown, that were thrown at the box were contained and jailed from accessing resources on the system. The flags were locked down to only allow authorized access to the data.
  • Symantec Endpoint...

mmarfise | 14 Jul 2012 | 0 comments

Updated July 16th, 2012 10:30 AM PST:  Additional details provided on confirmed examples where we have seen the blue screen issue.

Updated July 31st, 2012 1:36 PM PST: Issue was also experienced on Windows Server 2003 and has been confirmed by Symantec.

What Happened?

On July 11, 2012 at approximately 10:30 PM PT, Security Response started receiving reports of customers experiencing blue screens on Windows XP and Windows Server 2003 machines after applying definitions July 11th revision 18 and SONAR definitions July 11th rev11. This update only contained signature updates and no change to the SONAR driver.

The problem has been identified as a compatibility issue in SONAR definitions released July 11th at 6:25PM PT. Once the cause of the issue was discovered, the signature was...

mmarfise | 21 Oct 2011 | 11 comments

I'm pleased to announce the availability of the Symantec Endpoint Protection 12 mobile resource app – a guide for partners and end users alike to gain quick, easy access to installation and configuration information for Symantec Endpoint Protection 12.1 and Symantec Endpoint Protection Small Business Edition 12.1 on the iPhone, iPad or Android device.

This app provides step-by-step installation instructions, access to frequently asked questions, as well as links to support and community resources to help users install and configure the fastest, most powerful endpoint protection security solution customers can buy. It also eliminates the need to print instructions or bring a laptop to a customer’s site by caching data for access even when offline.

We look forward to hearing your thoughts and getting your feedback for future updates to the application.

I invite you to download the mobile application today on...

CJ Desai | 04 Oct 2011 | 0 comments

We have exciting news about Symantec Endpoint Protection 12 deployments in the field. We have now successfully deployed more than one million endpoints worldwide in the 86 days since the product became generally available on July 5, 2011. 37% of these endpoints are new installations, and 63% are migrations from previous versions of Symantec Endpoint Protection. The feedback from customers and partners, from small to large enterprise organizations, has been very positive. Many additional large customers plan to go live in the next few months based on this success and based on their testing of the product in their physical and virtual environments.

If you’re still using Symantec Endpoint Protection 11, it’s a great time to upgrade.  More than 1 million machines are already being protected, and...

CJ Desai | 30 Aug 2011 | 2 comments

2011 State of Security Report: 3,300 Companies Sound Off


Earlier today, we announced the findings of our 2011 State of Security Survey, which explored the state of cybersecurity efforts in organizations of all sizes. The findings of the survey* – based on 3,300 responses in 36 countries – reveal that (for the second year in a row) security is the leading business risk they face, ahead of traditional crime, natural disasters and terrorism. However, results from the survey also indicate that organizations are getting better at fighting the war against cybersecurity threats. While the majority of respondents suffered damages as a result of cyberattacks, more respondents reported a decline in the number and frequency of attacks compared to 2010.


The survey revealed additional positive findings. For example, 71...

colingibbens | 19 Aug 2011 | 4 comments

Symantec’s powerful virtual and physical server security solution, Symantec Critical System Protection, was recently put to the test at the Black Hat conference. Seasoned hackers from various world renowned groups tried but failed to capture a ‘flag’ that was hidden within an un-patched, vulnerable Windows XP workstation protected by Symantec Critical System Protection.

The aim was to have security professionals and hackers help us improve our product by pointing out existing gaps. The flag was secured using Critical System Protection’s strong prevention policies on a Windows XP un-patched workstation. The workstation had 10 known OS vulnerabilities reported by Rapid 7, was vulnerable to attacks and had open shares that allowed external access.

At any given point in time at least 10 different IPs were attacking the box, with some IP addresses originating from other countries,...

khoi | 08 Jul 2011 | 0 comments

Summertime! That means sunshine, travel…and additional data threats to your smartphone. What’s that? You don’t consider mobile security risks and summertime as going hand in hand? Well, consider this: As you and your employees take some well-deserved time off, will you be taking smartphones with you? Of course you will. And chances are you will be accessing corporate data. In fact, a recent Symantec survey on security habits of mobile device users revealed that 62 percent of corporate smartphone users access sensitive corporate information while on vacation, and 81 percent will at least be checking their business email accounts.

With a variety of looming threats, from unsecured networks to malicious apps, corporate smartphone users should carefully consider what they can do to make sure a vacation from the office doesn’t turn into a vacation from security. The following best practices will help you keep mobile devices secure.

  • Use the...

dschrader | 05 Jul 2011 | 0 comments


This week, Symantec started shipping Symantec Endpoint Protection 12.1 - an endpoint security solution optimized for use in virtual environments.  Trend Micro and McAfee are also shipping security products for virtual environments. 3 different companies, 4 different solutions (Trend is shipping both Deep Security Agentless Protection and OfficeScan with a plug-in) – what’s the difference?

We were curious about the performance and effectiveness of competitive solutions – so we tested them.  The results were surprising.

Reports Discussed:

Dennis Labs - Virtual desktop malware defence, April 2011

Tolly Enterprises - Symantec Endpoint Protection 12.1 vs. McAfee and Trend Micro, Anti-virus Performance in VMware ESX Virtual...