Learn about Advanced Machine Learning (AML) in Symantec Endpoint Protection (SEP) 14.
This endpoint-based machine learning engine can detect malware based on static attributes. AML enables SEP to detect malware in the pre-execution phase thereby stopping large classes of malware, both known and unknown.
The AML engine is intended to work with the Symantec real-time cloud-based threat intelligence to provide best-in-class protection with low false positives. Cloud connectivity further reduces false positives.
The AML engine is a component of the SEP client. Updates are acquired through definition updates. Updates are not needed as frequently as traditional signature-based technology.
Note: In SEP 14, Aggressive mode may require additional management of false positives for administrators.