Enable Early Launch Anti-Malware Protection on Endpoints

Apex One supports the Early Launch Anti-Malware (ELAM) feature as part of the Secure Boot standard to provide boot time protection on endpoints. Administrators can enable this feature to start Apex One agents before other third-party software drivers when endpoints start up. This feature enables Apex One agents to detect malware during the operating system boot process.

After scanning all third-party software drivers, the Apex One agent reports the driver classification information to the system kernel. Administrators can define actions based on the driver classifications in Group Policy in Windows and view scan results using Event Viewer on endpoints.


ELAM is supported only on Windows 8.1 (or later) and Windows Server 2012 (or later) platforms.