Sana Security Introduces Active Malware Defense Technology Center

Sana Security has unveiled its Active Malware Defense Technology Center, the information security industry's first malware information center with extensive forensic analysis of threats detected through real-time behavior heuristics technology.

The threat information provides an early warning for known and unknown threats to personal identities and mission-critical data, affording visibility into high-impact changes in the threat matrix. Enterprises are empowered to take a proactive stance with business critical systems by assessing the level of risk imposed by malicious threats, such as Trojans, rootkits, adware and spyware. Because the Active MDT Center data is real-time, it can be utilized to constantly fine-tune an organization's layered security approach, and proactively address data security and compliance.

In an active content world, enterprises and consumers are granted the opportunity to participate in social collaboration on the web. However, this trend also opens up new prospects for vulnerabilities. As malware continues to grow in speed and complexity while infiltrating these areas, the gap of time that exists until a solution is available becomes increasingly detrimental to the security of digital data. With the Active MDT Center, Sana's customers have visibility beyond their single enterprise into a broader universe of threat information. Active MDT Center's multi-faceted data includes information on the stealthy components malware tries to install, zero-day malware that does not yet have a signature from anti-virus (AV) vendors, and common threats of all severity levels found by Sana Security anti-malware solutions installed worldwide. This information center shows the most frequently detected malware variants, breaking them down by category and frequency to help users adjust security postures for a head start in the remediation of these threats. By cross-referencing threat data produced by Active MDT Center against existing AV protection, enterprises can gauge the breadth of risk imposed by malicious software and implement security safeguards accordingly.

At the core of these capabilities is Sana's patented and award-winning Active Malware Defense Technology, built into its Primary Response suite of security products. The technology is designed to assess multiple behavioral characteristics of a system, detecting when malware is present by identifying what the malware does as opposed to what it is. The combination of behaviors between programs is tracked and examined to determine the presence of malicious software. Upon detection, multiple components acting together are completely removed to prevent reinstallation and eliminate the chance of survival during reboot. For example, Active MDT running on one test machine in Sana Labs removed 503 malicious files.

To enable enterprises across a wide variety of industries to stay ahead of the threat curve with a current defense-in-depth strategy, Active MDT Center provides critical information including:
* AV vendor malware detection metrics to assist in auditing and implementing safeguards
* Latest malware to be found by Sana that does not yet have a signature to help assess risk and implement counter-measures
* Latest malware submitted to Sana tracked by date and severity to revise security postures through constant learning
* Detailed forensics, including file characteristics and associated files, to help identify at-risk resources

On September 22, the automated forensic analysis generated by Sana Labs revealed a glimpse of the impact of sneaky malware and its alarming effects on system security:
* 41 different varieties of malware had gone undetected by traditional AV solutions since May 12
* Major AV vendors took up to 21 days to detect malware after it had been identified by Active MDT Center
* Popular AV solutions missed up to 68 percent of malicious threats in their initial scan, and up to 54 percent afterward
* The most common categories and variants of malware were attributed to stealthy Trojans

As of September 13, 2006, Sana Labs had recorded 160 malware samples that still had no signatures available—some of which were over six months old. Win32Goldun.kb, identified on July 4 and classified as a high severity threat, still did not have a signature from any AV vendor after more than 70 days. On average, signatures for major AV vendors took an astounding 18 days before being released. Sana Security's Active MDT Center makes users aware of known, unknown and zero-day threats as they are discovered, providing 100% attack coverage for the "Active MDT Zone" — the vulnerability gap between a signature or patch's availability, and when it is fully deployed within the enterprise.



© 2006 Computing News