CyberSecurity Institute

AV-Test is not as well-known in the United States as it should be, possibly because the group is located in Germany at the Otto von Guericke University Magdeburg. Andreas Marx, manager of AV-Test, provided test results showing how long it took 23 major anti-virus programs worldwide to come up with new signature files during the past several weeks. The new signature files involved in the test were developed to fight four novel viruses that weren’t being caught by the preventive or “heuristic” techniques of most anti-virus programs. These four new viruses are known as Dumaru.Y, MyDoom.A, Bagle.A and Bagle.B.

AV-Test uses special scripts to check the servers at anti-virus companies every five minutes, looking for new signature files.

H:M Anti-Virus Program
06:51 Kaspersky
08:21 Bitdefender
08:45 Virusbuster
09:08 F-Secure
09:16 F-Prot
09:16 RAV
09:24 AntiVir
10:31 Quickheal
10:52 InoculateIT-CA
11:30 Ikarus
12:00 AVG
12:17 Avast
12:22 Sophos
12:31 Dr. Web
13:06 Trend Micro
13:10 Norman
13:59 Command
14:04 Panda
17:16 Esafe
24:12 A2
26:11 McAfee
27:10 Symantec
29:45 InoculateIT-VET

Although new signatures are sometimes posted very quickly in special cases, many major anti-virus services schedule regular online updates only once or twice a week, AV-Test says. Other providers, such as F-Secure, schedule updates seven times a week, while Kaspersky Labs schedules them 20 times a week, according to AV-Test’s figures.

Kaspersky schedules new signature files the most often — and earned the fastest average response times in AV-Test’s real-time trials, shown above — because the company has a large number of people around the world analyzing viruses and developing cures, Holdsworth says.

More info: http://itmanagement.earthweb.com/columns/executive_tech/article.php/3316511

The new user-driven features include an integrated patch repository that can automatically collect patch information from Microsoft Corp. and Sun Microsystems Inc. as well as Shavlik Technologies LLC, a small patch-management vendor that collects information about patches and provides it in machine-readable format, including dependencies and meta data associated with a patch.

“This product allows you to simulate a patch being installed on an end-point, and you can do end-path analysis,” described Purnima Padmanabhan, director of product management at Marimba of Mountain View, Calif.

The simulator can determine before deployment which patches will install on end-points and which will not, which patches are obsolete; and it will identify patch conflicts and installation order.

Within one shot, you know how many [end-points] are compliant or are not compliant,” Padmanabhan said.

http://www.eweek.com/article2/0,4149,1533017,00.asp?kc=EWRSS03119TX1K0000594

The machine, which will compete with similar products from rivals EMC and Network Appliance, is designed to help companies preserve information in keeping with a host of new laws such as the Sarbanes-Oxley Act and the Health Insurance Portability and Accountability Act (HIPAA), which are intended to prod companies to adopt better data-handling practices.

This feature helps organizations in situations in which the precise retention period is unknown, IBM said. For example, because mortgages with 30-year terms can be paid off at any time, the retention period for such data could be based on the event of the payoff

Storage specialists Network Appliance and EMC have similar products on the market.

Network Appliance’s SnapLock software is designed to work with the company’s disk storage systems to help organizations satisfy record-retention requirements. The company also allows for tape backup of the data.

EMC sells a storage device called Centera designed to facilitate compliance with regulations. The product offers ease-of-management features and can be expanded to a capacity of multiple petabytes, according to EMC.

Dianne McAdam, an analyst at research firm Data Mobility Group, said one difference between the IBM product and the EMC gear is that EMC’s is designed to keep data on disks, while Big Blue’s allows customers to retain data either on disk or magnetic tape.

In a recent study by investment firm Credit Suisse First Boston, about 77 percent of chief information officers surveyed indicated some level of increased IT spending in 2004 based on regulatory requirements.

http://news.com.com/2100-7341_3-5161264.html?part=rss&tag=feed&subj=news