Does Symantec Endpoint Detection and Response (SEDR) use Apache as a web server?

Symantec uses nginx for purposes of providing a web based UI within SEDR 4.x. Builds of Advanced Threat Protection (ATP) Platform 3.x and earlier used Apache for the UI.

Symantec made this change to improve the scalability where Symantec Endpoint Protection (SEP) clients register with SEDR to report log entries and receive commands. Some vulnerability scanners continue to report Apache based vulnerabilities in error when scanning SEDR 4.x builds. If you see any such false positives, please work with your vulnerability scanner provider to resolve.