Introducing CVE Mapping: Gain Insight into ATP’s Detection of Unknown and Zero-Day Threats


 

As cyber threats become more sophisticated, enterprises need a solution that goes beyond standard threat prevention. Many of our customers using Threat Prevention (TP) often ask, “What more can Advanced Threat Prevention (ATP) detect?” Today, we’re excited to introduce a new way to answer that question with greater clarity and transparency.

 

In the first phase of this feature rollout, we’re adding a new section to our content release notes that provides a list of CVEs (Common Vulnerabilities and Exposures) detected by ATP’s Inline Cloud Detection models for Command Injection and SQL Injection. This addition is designed to give you better insight into what our Advanced Threat Prevention Solution is detecting to protect your organization from advanced threats and give you actionable feedback as to how you can protect your business infrastructure further.

 

What’s New?

You’ll now find a dedicated section in the content release notes specifically for ATP. This section lists CVE IDs for all unknown exploits identified by our Inline Cloud Analysis models, providing you with a more informed view of the vulnerabilities that ATP protects against. 

 


 

Why This Matters for TP Customers

If you’re currently using Threat Prevention, you already benefit from a strong level of protection. However, attackers are constantly finding new ways to evade traditional defenses. ATP takes detection to the next level by leveraging the right balance of machine learning, deep learning, and Generative AI trained models to identify unknown or sophisticated exploits that Threat Prevention alone might miss. We call this Precision AI™. With the addition of CVE mapping in our release notes, you now have a clear view of the advanced threats ATP covers. This transparency helps you see the tangible value of ATP and the extra layer of security it provides.

 

Why This Matters for ATP Customers

For those already using Advanced Threat Prevention, this update offers even more value. The new CVE mapping provides greater threat explainability, giving you immediate context for detected threats. You’ll be able to see how ATP identifies unknown exploits and links them to existing vulnerabilities, which gives you:

 

  • Stronger Reporting: Use the CVE information to report on specific vulnerabilities ATP has blocked, helping you demonstrate the value of your security investments.
  • Increased Confidence: With a clearer understanding of the threats ATP mitigates, you can confidently verify the effectiveness of your solutions against sophisticated attacks.
  • Faster Incident Response: The CVE references in the release notes offer your security team actionable intelligence, reducing the time spent researching each exploit.
  • Better Patch Prioritization: By knowing which CVE a particular attack covers, you can quickly identify and prioritize which parts of your infrastructure require patching, enhancing overall security management.

This update not only gives you deeper insights into what ATP detects but also helps you optimize your security strategy by understanding the exact threats ATP detects.

 

Next Steps

Moving forward, our goal is to make it even easier for you to see and report on the difference ATP can make in protecting your environment. In a future update, we plan to integrate this CVE mapping directly into the ATP report, saving you time when demonstrating the value of your security and giving you immediate access to threat information as it’s detected.

 

Get Started With CVE Mapping in Content Release Notes

You can subscribe to receive the content release notes and see firsthand the advanced threat detection capabilities of ATP. If you’re not already using ATP, this is a great opportunity to either activate a free trial or ensure your license is properly configured to strengthen your defenses against today’s most sophisticated cyber threats.

 
