IPB

Welcome Guest ( Log In | Register )

 
 Reply to this topicStart new topic
eEye Enters Antivirus Business with Blink Suite
Lion7718
post Jan 29 2007, 01:56 PM
Post #1


You Think You Know Me.....
Group Icon

Group: Admin
Posts: 10,324

Joined: 17-September 04
Skin: Pirate
Member No.: 4

Home Forum:
Attached File  Security_Lock.gif ( 8.89K ) Number of downloads: 0

Source: BetaNews

The security research firm known that first came to prominence in 2001 after having discovered the gaping security hole in Microsoft Internet Information Services exploited by the worm it dubbed "Code Red," has thrown its hat all the way into the security software ring. This morning, eEye becomes an anti-virus company, going to bat against Symantec and McAfee, and integrating Norman anti-virus technology into its Blink Professional security suite.

What will distinguish the new Blink from its competition is Norman's approach to evaluating executable program behavior before it runs. As eEye Chief Technology Officer Mark Maiffret explained to BetaNews, the new Blink system will actually run executable files in a protected virtual machine, which the company says will still be called the Norman SandBox.

When eEye began scouting potential anti-virus vendors for inclusion in the new Blink, Maiffret said, "we had a large kind of honey pot that we had set up with about 20 or so antivirus vendors, and consistently the one company that kept detecting viruses ahead of time, before everybody else, was Norman. The reason we liked it is because they have real great generic technology to be able to generically identify viruses based on their characteristics, rather than using constantly updating a known signature database."

The Norman SandBox, Maiffret described, is a fast, stand-alone virtual machine, which tests the code of executables to see whether they'll do interesting things, such as changing the Windows System Registry startup keys, or some very interesting things, such as connect to an IRC chat server somewhere in Russia.

Rather than scan everything all the time, however, the new Blink will scan newly discovered executables, and may perhaps rescan them if, for instance, their patterns or file size appears to have changed. But if it's the same executable, by default, Blink will only scan it once.

Full Story


--------------------

"As long as I have the power to destroy you, I'm willing to sacrifice everything"

"Heaven Doesn't Want Me & Hell's Afraid I'll Take Over"
Go to the top of the page
 
Share:Post to Del.icio.usPost to DiggPost to FacebookPost to FarkPost to FurlPost to GooglePost to NewsvinePost to RedditPost to SlashdotPost to StumbleUponPost to YahooMyWeb
+Quote Post
« Next Oldest · Consortium News Page · Next Newest »
 

Fast ReplyReply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

> Fast Reply
Bold
Italic
Underline
Insert Image
Emoticons
Wrap in quote tags
Wrap in code tags
 
 Enable email notification of replies |  Enable Smilies |  Enable Signature
   

 

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

RSS Lo-Fi Version Time is now: 9th February 2010 - 02:27 AM
Powered By IP.Board © 2010  IPS, Inc.
Licensed to: P2PConsortium
"We Like to Share, So Sue Us"