You need to determine whether Symantec Endpoint Protection (SEP) or Symantec Endpoint Security (SES) offers protection for a specific vulnerability or threat. A number of resources are available for checking existing coverage for known threats.
Release : SEP 14.x
Component :
The following resources can be reviewed when researching SEP coverage for vulnerabilities and threats:
Detections for Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins:
Symantec Endpoint Response to Microsoft Monthly Security Bulletins
For emerging threats, the Protection Bulletin is a good place to start to review existing coverage:
The Symantec Security Center is a hub article with numerous links to other Security resources such as the submission portal (for either false positives or negatives), signature listings and software documentation.
To look for IPS coverage for a CVE, search the attack signatures listing found in the Symantec Security Center. In the Intrusion Detection Signatures section, click 'Listing of Attack Signatures'. In the search bar on the next page, search for the CVE (example: CVE-2021-26084). Often there will be corresponding IPS signatures that have the CVE in the name of the signature.
If you have a file hash and would like to check Symantec coverage for it, look the hash up on VirusTotal. An absence of Symantec coverage on VirusTotal isn't a definitive answer, as it can take some time for that information to post, but it's a good place to start. Also keep in mind that a hash submission must be for an already known hash. If the hash comes up with results on VirusTotal, the hash is known.
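The hash check described above can be scripted against the VirusTotal API v3 file report. This is an added example, not Symantec or Broadcom code: the sample reports are constructed, the live lookup assumes you have a VirusTotal API key, and the function names are illustrative.

```python
import json
import urllib.error
import urllib.request

VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"  # VirusTotal API v3 file report

def fetch_report(file_hash, api_key):
    """Return the file report as a dict, or None when VirusTotal does not know the hash."""
    req = urllib.request.Request(VT_FILE_URL.format(file_hash),
                                 headers={"x-apikey": api_key})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        if err.code == 404:   # no results: the hash is not a known hash
            return None
        raise

def symantec_coverage(report, engine="Symantec"):
    """Classify a report as 'unknown-hash', 'detected' or 'no-detection-listed'."""
    if report is None:
        return ("unknown-hash", None)
    attrs = report.get("data", {}).get("attributes", {})
    verdict = attrs.get("last_analysis_results", {}).get(engine)
    if verdict and verdict.get("category") in ("malicious", "suspicious"):
        return ("detected", verdict.get("result"))
    # Engine absent, timed out or 'undetected': not a definitive answer,
    # because coverage can take some time to show up on VirusTotal.
    return ("no-detection-listed", None)

# Constructed sample reports (not real VirusTotal output).
SAMPLE_DETECTED = {"data": {"attributes": {"last_analysis_results": {
    "Symantec": {"category": "malicious", "result": "Example.Detection.Name"},
    "OtherEngine": {"category": "undetected", "result": None}}}}}
SAMPLE_NOT_LISTED = {"data": {"attributes": {"last_analysis_results": {
    "OtherEngine": {"category": "malicious", "result": "Example.Other"}}}}}

if __name__ == "__main__":
    samples = [("detected", SAMPLE_DETECTED),
               ("not listed", SAMPLE_NOT_LISTED),
               ("unknown hash", None)]
    for label, report in samples:
        print(label, "->", symantec_coverage(report))
```

A result of `unknown-hash` means a hash submission is not possible yet; `no-detection-listed` should be rechecked later rather than read as a lack of coverage.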
Other Resources:
How Symantec Endpoint Protection technologies protect your computers