Symantec takes a step forward with a product capable of detecting and thwarting “day-zero” viruses.
The process of combating viruses has been like the proverbial closing of the barn door after the horses escape. Antivirus solutions don’t have an answer to a virus outbreak until after it has begun to circulate.
To answer the threat, a software product would have to recognize a virus as such even when its signature file contained no details on that virus. Many antivirus programs attempt to use heuristics to isolate potential problems, but those have been problematic for enterprises, sometimes flagging legitimate network traffic as a threat.
Symantec seems to have made progress on this front. It has announced a product called Critical System Protection 4.5, for Windows, UNIX, and Linux platforms. The CSP product will launch later this month.
The company advertises it as a defense against so-called “day-zero” attacks, meaning virus threats for which no signature yet exists in antivirus products. One security manager vouched for the product’s effectiveness.
“(D)uring our profiling period, Symantec Critical System Protection has shown real value in its ability to identify malicious activity that slipped through other layers of protection,” reports Kenneth Brothers, manager of Information Security at the Federal Home Loan Bank of New York. “In one specific example, it identified a day-zero virus before an antivirus signature was available.”
Symantec says the product uses behavior-based intrusion prevention technology to protect clients and servers against unknown malicious behavior. Buffer overflow and memory-based attack protection provide added defense against the most sophisticated attacks.
CSP also incorporates a firewall that can monitor network traffic, and it has the usual capabilities to block inbound and/or outbound traffic on a port or protocol basis.
With its ability to enforce security policies and compliance, firms working under the purview of Sarbanes-Oxley should find that the product complements their efforts to maintain the internal controls required for auditing purposes.
David Utter is a staff writer for Murdok covering technology and business.