Check if a particular vulnerability or CVE is protected against by my Network Protection products

Article ID: 165816

Updated On:

Products

ProxySG Software - SGOS Advanced File Inspection

Issue/Introduction

Check the CVE and determine what type of vulnerability it is. Network Protection products will protect against the following:

  • File based exploits (such as viruses, worms, malformed files and so on) 
  • URL based exploits (such as drive-by downloads, hidden iframes pointing to malicious sites and so on)
    • If the exploit is URL based, Web Filter is the first line of defense. WebPulse automatically attempts to categorize URLs and, if needed, marks them as suspicious. Because the URLs change all the time, it is difficult to manually check every URL that malware may use, but if a particular example of the URL is known, you can enter the site into https://sitereview.bluecoat.com to check its rating. For example, if the CVE or other articles list a particular site as hosting malware that exploits the vulnerability, run the URL in sitereview.bluecoat.com to ensure it is correctly rated.

Resolution

Example: Research into CVE-2010-2568 (Stuxnet) shows www.mypremierfutbol.com as a URL used by Stuxnet. Running this URL through sitereview gives the following result:

  • The page you want reviewed is www.mypremierfutbol.com
  • This page is currently categorized as Spyware Effects/Privacy Concerns

If the exploit is file based, CA will be the first line of defense. CA can use one of several AV vendors to check whether a file is malicious. These AV vendors independently take care of updating signatures and so on. To quickly check whether your particular vendor protects against a particular vulnerability, run the following query in Google:

CVE-2011-0611 site:virustotal.com

Of course the CVE number can be changed. For example, the first link for the above query gives:

In this case, several of the CA AV Vendors protect against this particular vulnerability.
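
The two checks above as a small helper, added here as an example and not part of the original article: it normalises URLs copied from an advisory (including defanged forms such as hxxp:// and [.]) into host names to enter into sitereview, and builds the search query for the file-based check. The function names are assumptions and the sample list is constructed.

```python
import re
from urllib.parse import urlsplit

CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")
HOST_RE = re.compile(r"^[a-z0-9-]+(\.[a-z0-9-]+)+$")

def refang(text):
    """Undo common advisory defanging (hxxp://, [.], (.), [dot])."""
    text = re.sub(r"^hxxp", "http", text.strip(), flags=re.I)
    for mark in ("[.]", "(.)", "[dot]"):
        text = text.replace(mark, ".")
    return text

def hostname(indicator):
    """Return the lower-case host of a URL or bare host name, else None."""
    value = refang(indicator)
    if "://" not in value:
        value = "//" + value          # let urlsplit treat a bare host as netloc
    try:
        host = (urlsplit(value).hostname or "").lower()
    except ValueError:                # e.g. stray brackets left in the host
        return None
    return host if HOST_RE.match(host) else None

def build_checks(cve_id, indicators):
    """Plan both checks: hosts for the URL rating lookup, query for AV coverage."""
    cve_id = cve_id.strip().upper()
    if not CVE_RE.match(cve_id):
        raise ValueError(f"not a CVE identifier: {cve_id!r}")
    hosts, skipped = [], []
    for raw in indicators:
        host = hostname(raw)
        if host is None:
            skipped.append(raw)       # not URL based; review by hand
        elif host not in hosts:       # keep first occurrence, drop repeats
            hosts.append(host)
    return {"site_review": hosts, "skipped": skipped,
            "av_query": f"{cve_id} site:virustotal.com"}

# Constructed sample input; the first host is the one named in the article.
SAMPLE = [
    "hxxp://www.mypremierfutbol[.]com/index.php",
    "WWW.MYPREMIERFUTBOL.COM",
    "hxxps://cdn.example[.]net:8443/a?b=1",
    "not a url",
]

if __name__ == "__main__":
    print(build_checks("cve-2010-2568", SAMPLE))
```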