Security in times of malware explosion

CIOL Bureau

MUMBAI, INDIA: Symantec, the global security, storage and systems management solutions provider, believes that the IT industry has reached an inflection point where more new malicious programs are being created than good programs.

In 2008, the company wrote one million new virus signatures. It reckons that the numbers are mind-boggling and that it is reaching a point where it no longer makes sense to focus on analyzing malware; it makes more sense to focus on analyzing good ware, as that is more economical and less time-consuming.

Symantec Research Labs has developed two new security technologies built on reputation-based security, DeepClean and Virtualization Based Endpoint Security (VIBES), which focus on the cost and time factors linked with security solutions.

DeepClean, the new security technology, was developed by Symantec Research Labs' Advanced Concepts group, which is a startup group within Symantec Research Labs.

It is a reputation-based whitelisting technology designed to help customers assess their risks and exposure to rapidly emerging threats from malware.

Basically, it builds a database, or whitelist, of good ware files, including trusted sites and authorized licenses from the respective Independent Software Vendors (ISVs). On the other hand, any malicious unknown files or threats it detects are marked as blacklisted.

Backed by whitelist and reputation analysis coupled with signatures, heuristics and blacklists, DeepClean detects Internet threats and targeted attack types. It also leverages and extends Symantec’s Global Intelligence Network for building and maintaining a precise, comprehensive whitelist and file/provider reputation.

“DeepClean is based on four aspects – prevalence, customer submissions, provenance and provider reputation. This helps to develop a strong whitelist that is obviously smaller compared to huge volumes of malicious content,” says Shantanu Ghosh, vice president – India Product Operations, Symantec Corporation.

“The whitelist makes it easier to detect and mark out malware by blacklisting that saves time during security scanning,” adds Ghosh.

VIBES enables resource consolidation in data centers, offers a level of indirection that decouples the execution environment from hardware resources, and can isolate virtual machines running on a physical machine to enhance security at endpoints.

It leverages virtualization technology to protect end users by stopping sensitive data entered for online transactions from being stolen and mitigating risks linked with executing malicious downloaded Internet content.

“Application virtualization helps users to work with different applications with various versions and operating systems (OS). Using virtualization, the security level can be raised, and it helps to enhance application security, for example for browsers,” explains Ghosh.

At present, VIBES has three virtual execution environments – 'User', 'Trusted' and 'Playground'. The User virtual machine is for normal daily activities, the Trusted one is for trusted operations such as entering sensitive credential information, and the Playground is for adventurous untrusted activities such as visiting unknown websites or downloading unknown applications.

Using the three environments, each with its own trust level, VIBES overall improves browser security and enables users to seamlessly use different virtual execution environments for different web activities and transactions.

In addition, VIBES automatically chooses the most suitable virtual execution environment for a given browser interaction scenario and completely hides the use of virtualization from end users. It employs an innovative switching method for virtual environments that maintains security and transparency for users and websites.

“Security is the last thing companies today think of where they can cut their IT budgets; it’s because of the rise in online businesses and their advantages,” Ghosh concludes.