Cyber Security Institute

Thursday, February 05, 2009

Sunbelt Pioneers New Anti-Virus Technology

US company Sunbelt Software is set to become one of the first anti-virus vendors to embrace a promising but as yet little-used new technique for malware detection known as ‘file emulation’. Released this week to UK users after a US launch some time ago, the company’s Vipre Enterprise anti-malware client is on the face of it just another program jostling for attention with the admin-friendly claim that it can protect PCs from malware without slaughtering performance. Using a technique known in company jargon as ‘MX-Virtualization’ (MX-V), Vipre effectively creates an emulated Windows PC in a sandboxed area of memory, mimicking API functions such as the Windows registry, file system, and communications interfaces to see what a file is trying to do.

In a separate interview with Techworld, Eckelberry said that as far as he was aware the only other anti-malware products to have tried file emulation in anger were Microsoft and BitDefender.

Vipre Enterprise also boasts of its anti-rootkit protection (the program runs a special module called ‘firstscan’ in advance of Windows loading) and advanced kernel monitoring.

Posted on 02/05